Publication Date: Wednesday, June 25, 2003
Are wireless networks worth the risk?
|
Related
Stories |
Meeting FERPA requirements in a wireless-network school requires even more stringent attention to potential security pitfalls inherent to the system, according to security experts.
Many companies with wireless systems safeguard data with password protection, said Philip Vahey, a research scientist in the Center for Technology and Learning with SRI International, an independent, not for profit research organization in Menlo Park.
"Other companies have hired consultants to make sure there are no computer holes and physical holes in security. They will literally hire consultants to drive around and see how close they can get to get on the network. It is as much about physical proximity as it is about a hacker breaking into your firewall," Vahey said.
Requiring user passwords on a wireless system is a simple but important way for schools to protect against unauthorized users, but may not protect against a persistent hacker, he said. Switching to a closed computer network will increase confidential data protection, but at the loss of a convenient wireless system.
Determining the right balance between security and convenience is a balancing act, Vahey said.
"It's convenience to the IT people and convenience to the users and the technological sophistication it requires to set up the system that meets all the different needs you have," he said.
A constant awareness of authorized-user policies and keeping all networks password protected is essential to maintaining security of student-related datain a wireless school.
"Once you get used to wireless it is just much more convenient. People don't want to live without that once they get it. Once you realize the students don't all have to be in that one computer lab that is wired for the Internet...it really opens up just more than before.
"You are really hesitant to take it out on the off chance that someone gets close enough to sniff (get on) the network," Vahey said.