I recently blogged about howin some industries. Whenever I write about wireless in this way, I always get dinged with security concerns. Do we really want our financial transactions and health care records riding over radio waves willy-nilly across the enterprise?
I certainly understand the sentiment. After all, security professionals are paid to be paranoid. My contention however is that while Wi-Fi security has greatly improved over the past few years, many security professionals still hark back to the early days of the easily hackable Wired Equivalent Privacy (WEP) and use this to fuel their current skepticism. With all due respect to the security community, things have changed quite a bit.
Don't get me wrong. A mis-configured or rogue wireless access point is still a huge vulnerability, but a strong configuration based upon the WPA2 and 802.1x standards make Wi-Fi pretty secure. Still not convinced? Talk to Wi-Fi security leaders like Aruba Networks, Cisco Systems, and Trapeze Networks and you'll find some of the smartest network security minds around. Hey, they have to be more paranoid then security professionals or they don't sell a thing.
One final note on wireless security. A lot of today's commercial technologies had their roots in the military and were used in battlefield environments. Aruba Networks has received certification from the U.S. Department of Defense and the U.K. Ministry of Defense. Pretty tough security crowd, if you ask me.
Believe me, I am the first person to stand up and cry foul when the industry tries to hide security vulnerabilities, over-market security functionality, or use proprietary security technologies to lock out competitors and lock in customers. Wi-Fi security passes all of these hurdles in my mind. As such, it is time to start considering the "all wireless office" in earnest and stop reviving the arguments of the past.