Problems in Wireless Networks
Although your article “Wireless Networks” (July 2003) mentions the security problems in the wireless encryption protocol (WEP), the security protocol that is currently used in the 802.11b protocol poses serious risks.
Technical reviews render WEP insecure. The reason is simple: The authentication of a user occurs in the WEP protocol in clear text. This means someone “sniffing” the airwaves for network activity can simply copy the encryption key and proceed to use the network connection.
The practical implication is not immaterial. Most wireless hubs sold in the United States use 802.11b. This weakness in the connectivity puts a damper not only on the regular workings of an office but also on the assessed risk during an audit.
To mitigate this risk, prudent installers should make sure that a firewall is installed internally on all computers connected to a WEP-enabled hub. Practitioners should consider these factors both for themselves and for clients they serve.
Yigal Rechtman, CPA
Person & Company
New York, N.Y.
Editor’s Note: The letter writer served in the Israeli communication corps from 1986 to 1989. He is a member of the Information System Audit and Control Association (ISACA).
©2006 The CPA Journal. Legal Notices
Visit the new cpajournal.com.