Financial industry adopts WiFi, neglects its risks
Financial services institutions have invested much money and effort to make their wired communication networks secure. The same cannot be said about their wireless networks. New research from TowerGroup underscores this fact against the backdrop of increasing number of instances of data theft in the financial services industry. WiFi networks, if not properly managed, will emerge as a channel of significant threat to reputation and customer trust. "The first and perhaps the most onerous threat from WiFi for financial institutions is rooted in faulty corporate IT strategy," said Bob Egan, research director of the TowerGroup Emerging Technologies practice and co-author of the research. "Institutions that choose not to support WiFi officially are not immune to security threats via WiFi technology. Though they may choose not to purchase and support devices like laptops with embedded WiFi capability, employees may still own and use such devices."
Egan noted that there are administrative tools to block WiFi capability exist (for example, tools which disable add-on WiFi peripherals, such as PC cards and adapters), but this blocking-access approach is difficult to enforce and overlooks or ignores the remaining threats to security. "WiFi is dramatically changing the face of communication. Institutions must be prepared to change their information security policies and practices to respond to the reality that WiFi devices employees are using on their premises may serve as unintended points of entry for security intrusions to their networks," he said.
For more on WiFi in the financial sector
-see Tower Group Web site