Staff wireless networks put data at risk

Staff wireless networks put data at risk


Employees plugging their own routers into access points

A Wi-Fi management firm has warned that companies may be unaware that their data is open to hackers because staff have set up their own wireless networks.

AirMagnet claimed that one employee could put the whole network at risk simply by plugging their own router into an access point.

"We go into a lot of companies which say 'we haven't got any wireless access' and we do a demo and three or four access points pop up," Ian Schenkel, EMEA managing director at AirMagnet, said.

The culprit is not necessarily attempting to breach the network, but simply wants to be able to use Wi-Fi on their laptop. "It is not always malicious but it gives you visibility," said Schenkel.

AirMagnet's Air Enterprise software has a triangulation function to pinpoint the offending Wi-Fi, and can root out problems on existing wireless networks by looking for anomalies.

"For example, if you normally use Netgear kit and you see a Linksys router you know that's not right," said Schenkel.

"If a wireless connection is popping up at four in the morning for an hour that's definitely malicious but it won't be picked up if no-one is monitoring it."

Schenkel also poured scorn on companies which believe they are protected because they are using the Wired Equivalent Privacy security algorithm.

"Everyone knows that Wep is untrustworthy and can be easily cracked," he said. "AirMagnet is able to add an overlay security if companies are still running Wep."