SHRM: Smart Wireless Connectivity Key to Data Protection

My first story for the Society of Human Resource Management magazine appeared online yesterday. It focuses on the dangers that face mobile employees who use unsecured wireless networks and what human resource professionals need to know about the trends.

You can’t read it because it’s by subscription. Instead, I’ll give you my lede and what I cut from my first clip in a trade publication.

Smart Wireless Connectivity Key to Data Protection
By Christopher Wink, January 2009

As companies around the world trend toward cheaper wireless networking, appropriate security methods come, too. But when human resource professionals or other employees access unsecured wireless networks in public places like airports, hotels and coffee shops, who’s protecting your company’s private information?

“When you go wireless, you are carrying a radio station broadcasting everything you are doing on your computer,” says David Michael Perry, the global director of education at Trend Micro, a technology securities firm in California. Read more here (with subscription).

Otherwise, see highlights of my interviews that didn’t make it into the story.

  • On VPNs: “It gives you another door that you can lock,” says Jason Averbook, CEO of Knowledge Infusion, a talent management firm in Minneapolis, Minnesota.
  • On businesses fighting wireless hackers: “We’re closing the barn door after another horse gets out.,” says John Greer, vice president of human resources and development at Smart Financial Credit Union in Houston.
  • On what a wireless network says to hackers: “‘Here, come connect to my computer and see what I got.’” says Pravin Bhagwat, co-founder and chief technology officer for Airtight Networks. “This is the equivalent to plugging a cable into your laptop and leaving it hanging for anyone to use.”
  • “In the long run the technology will either be made safer than it is now or be abandoned for something,” says David Michael Perry, the global director of education at Trend Micro, a technology securities firm in California. “There is no safe, secure wireless. ”
  • “This is well-developed underground science,” Perry says. “Do I connect [when traveling]? Absolutely. But what I don’t do is engage in any private behavior when I am on that network. A laptop is inherently insecure because it can be stolen with the data that’s on it. Put it onto a wireless network, any wireless network, and it’s a great deal worse than you thought.”

Some information that didn’t make the cut.

  • High-traffic public places like airports, train stations and cafés – where unsecured wireless networks and laptops are increasingly as commonplace as people – are becoming breeding grounds for online information robbery.

  • Clicking on an unknown peer-to-peer network won’t access the Internet; it will open a portal through which sensitive documents or information can be siphoned by “bad guys,” Perry says.
  • There are other, more complicated wireless dangers, long-known in technology communities but foreign to most management personnel. Unlike the passive hacking of network phishing and “evil twin” tricks, where hackers wait for prey in public places, there are far more targeted attacks like war driving, in which hackers use extension antennae to break into wireless networks, accessing company data.

If you’re an HR executive, why should you care?

Denise Messineo, senior vice president of Human Resources for IT provider Dimension Data, says:  “HR professionals need to have some basic understanding of this for their organizations.”

Image courtesy of RHCS.