Information Age: News, analysis & insight for IT & business leaders

6 May 2004 Two key improvements to the security and performance of Wi-Fi devices are expected to be launched in September 2004, as the usage of the technology continues to boom among businesses and home users.

The 802.11i is the complete version of the preliminary Wi-Fi Protected Access (WPA) security standard that was introduced last year, while the 802.11e is a new standard that will improve the quality of wireless networks that transmit voice and video.

The products for both standards will be certified by the Wi-Fi alliance.

The lack of security has become a huge problem for wireless networks, which are now the focal point for attacks from 'drive by' hackers. Furthermore, many Wi-Fi users leave their machines wide open to attack when they hook up to Wi-Fi networks.

The Department of Trade and Industry's biennial Information Security Breaches Survey 2004, which interviewed 1,000 chief security officers at companies of all sizes across the UK, found that more than half had no Wi-Fi security controls in place whatsoever.

This is despite the number of companies using wireless networks rising dramatically in recent years, from just 2% in 2002 to more than one-third today. At the same time, hacking has apparently quadrupled during the last two years.

The 802.11i standard introduces Advanced Encryption Standard (AES) technology, a stronger level of security than used in WPA. However, organisations may need to replace dated networking equipment or adopt third party products in order to support that technology, warned Frank Hanzlik, managing director of the Wi-Fi alliance.

WPA replaced the flawed Wired Equivalent Privacy (WEP) protocol last year, before the full 802.11i standard was ratified. Not only does the WPA use a dynamic encryption key as opposed to the static key used by WEP, but it also improves the user authentication process.