Many businesses run their own wireless infrastructures and many know well to protect it. But how do you know when it is time to use a stronger encryption algorithm to protect the data sent wirelessly?
Generally, there are two possibilities. One is to wait until hackers break into your network by exploiting the easy-to-break WEP encryption you have on your wireless network and as a result steak millions of customers’ credit card numbers and personal data. Example: the TJX story.
The second, and the better possibility, is to do it before your (or your client’s) organization is prominently featured in the Wall Street Journal. Example: the TJX story.
Here’s a short excerpt of what should make every IT director to think about switching from WEP to WPA or better.
Investigators found that TJX was using a weak encryption protocol to protect its consumer data in July 2005, when hackers first broke into its computer system. The protocol, known as Wired Equivalent Privacy, or WEP, isn’t recommended by securities experts even for wireless home networks because it is so vulnerable to hackers.
TJX decided to upgrade to a more secure Wi-Fi Protected Access encryption protocol at the end of September 2005, Canadian officials said. By then, however, hackers had been able to access the company’s internal transaction database. They did so initially from outside two stores in Miami, the probe found.
- TJX’s Security System Faulted in Canada Probe, Wall Street Journal, September 26, 2007.