By Graeme Wearden, 14 April 2004 07:55
NEWS Many UK companies are running wireless networks and allowing remote access to their IT systems without having implemented the necessary security, despite constant warnings.
Research published on Tuesday found that over half of companies with wireless networks say they are not running any additional security, despite experts repeatedly warning that wireless access points are particularly vulnerable to a hacking attack.
The study, part of the Department of Trade and Industry's (DTI) 2004 Information Security Breaches Survey, found that 8 percent of companies know they have experienced a hacking attack on their network. Twenty-three percent said they didn't know whether they had been attacked.
One in seven of those that knew they had been targeted said they had suffered over 100 attempts.
The survey also found an increase in the number of companies that allow employees to work remotely. However, many are failing to implement security measures such as VPNs and are relying just on password protection.
Andrew Beard, the PricewaterhouseCoopers advisory director who led the survey for the DTI, said: "Businesses seem to be dragging their feet when it comes to introducing security controls over remote access to their systems."
"There are several reasons for this. First, many of those who want remote access appear to be the least aware of the additional risks it entails. Second, the majority of companies do not analyse their security incidents in a way that enables them to identify which are caused by remote access. Lastly, awareness of the available security techniques is poor, leading to inappropriate security controls being deployed."
Graeme Wearden writes for ZDNet UK
Comments
There is 1 comment. Join the discussion
1. Darren White IEng CITP MBCS MCP
UK companies can't take all of the blame for lack of WiFi security. Our upgrade from WEP to WPA security was made unnecessarily difficult by 'household name' hardware suppliers who's supposidly compliant driver & firmaware upgrades just didn't work, and their admittance of this was 'burried' in support knowledge bases. Also, Microsoft's Wireless Network Connection software leaves a lot to be desired in the connection and robustness stakes. And WiFi / Centrino is being marketed as a consumer product? If we can't do it then what chance have they got?