September 2003

Security Problems in Wireless Networks

Although your article “Wireless Networks” (July 2003) mentions the security problems in the wireless encryption protocol (WEP), the security protocol that is currently used in the 802.11b protocol poses serious risks.

Technical reviews render WEP insecure. The reason is simple: The authentication of a user occurs in the WEP protocol in clear text. This means someone “sniffing” the airwaves for network activity can simply copy the encryption key and proceed to use the network connection.

The practical implication is not immaterial. Most wireless hubs sold in the United States use 802.11b. This weakness in the connectivity puts a damper not only on the regular workings of an office but also on the assessed risk during an audit.

To mitigate this risk, prudent installers should make sure that a firewall is installed internally on all computers connected to a WEP-enabled hub. Practitioners should consider these factors both for themselves and for clients they serve.

Yigal Rechtman, CPA
Person & Company
New York, N.Y.

Editor’s Note: The letter writer served in the Israeli communication corps from 1986 to 1989. He is a member of the Information System Audit and Control Association (ISACA).



Home | Contact | Subscribe | Advertise | Archives | NYSSCPA | About The CPA Journal

The CPA Journal is broadly recognized as an outstanding, technical-refereed publication aimed at public practitioners, management, educators, and other accounting professionals. It is edited by CPAs for CPAs. Our goal is to provide CPAs and other accounting professionals with the information and news to enable them to be successful accountants, managers, and executives in today's practice environments.

©2006 The CPA Journal. Legal Notices

Visit the new cpajournal.com.