WPA3 Can Boost Your Organization's Wireless Security

The Wi-Fi Alliance has begun certifying wireless devices that meet the new WPA3 standard to make wireless communications more secure and easier to manage. The transition should be fairly straightforward, although for many businesses it’ll mean having to buy new access hardware. At this point, only Cisco has said that current systems will be updated to support WPA3. “Cisco is committed to integrating WPA3 features into our Aironet Access Points and Wireless Controllers via a firmware upgrade so that our existing and new customers can take advantage of the capabilities offered by WPA3,” said Greg Dorai, vice president for Cisco WLAN. A number of other wireless vendors, including Aerohive, Arris, Aruba, Broadcom, Intel and Qualcomm, have stated they’re going to start building products that support the WPA3 standard. However, actual products with support for WPA3 won’t appear on the market until late 2018 or 2019.

Once WPA3 infrastructure products begin appearing, the first steps will be to upgrade your access points, controllers and routers. Your existing WPA2 client devices will continue to work because the Wi-Fi Alliance’s standard is backward-compatible. Right now, it’s not clear when you can expect to see client devices that support WPA3. The chip makers are going through the certification process, but so far, the Wi-Fi Alliance hasn’t announced that it has certified anything yet and a search for WPA3 devices yields no results. At some point, certified products will be available and you will be able to start evaluating them.

In the meantime, you can get ready for WPA3 by looking for devices on your network that use older standards, if you still have any. The new WPA3 infrastructure will not support the original WPA nor WEP. Considering that WPA2 has been around for 14 years, you most likely won’t find many such devices, but if you do, get rid of them, because they’re insecure and can’t be made secure. Contact your vendor to determine whether there are plans to upgrade your devices to the new standard. Cisco has already said that its Aironet devices will receive a software update.

The next step is to consider your specifications for future hardware purchases. It’s likely that devices with built-in WiFi, such as laptops, tablets and phones, will include support for WPA3 when they’re shipped in 2019. While it’s possible that devices made in 2018 and earlier may be able to be upgraded, don’t assume that they will be. WPA3 is intended to improve support for the Internet of Things (IoT), but that really means new devices. While the WPA3 infrastructure will support IoT devices designed for WPA2, this is an area where you may run into issues if only because some legacy devices use older standards which won’t be supported. Some manufacturing equipment is running much older wireless standards that rely on obsolete wireless buses that don’t even meet the original WiFi standards. If you still have such equipment, you already know it’s not secure. Perhaps this is the time to upgrade those networks.

The Wi-Fi Alliance has divided WPA3 into two types, one for home use and one for the enterprise. The home version of the standard is quite secure and is what you’ll likely encounter in home offices, small businesses, and airports. The enterprise version of WPA3 is intended for highly secure applications for the government, financial institutions, and larger businesses. Despite the fact that the Wi-Fi Alliance doesn’t explicitly say you must use the enterprise version for most business uses, you really should. It has better encryption and can handle penetration attempts more effectively.

Another important change is that open networks will still encrypt data, so you won’t have to worry about someone reading your email while you’re at the airport. Unfortunately, that still doesn’t prevent someone from setting up a man-in-the-middle attack or using a bogus access point. Still, it’s a huge improvement of the current situation in which nothing is encrypted on an open network. Overall, WPA3 is a needed change that’s been a long time coming. Consider moving to it as soon as you can. It will make your network much more secure.

Read the full article by Wayne Rash at “eWeek” here.


Comments

Popular posts from this blog

EOQ Calculations in Excel

Reliability Calculations in Excel

“How Are We Doing?” Efficiency, Utilization, and Productivity