Wireless (in)Security in Your Pocket

Verizon has launched the pocketable MiFi router. The MiFi 2200 has CDMA with EV-DO Rev. A. So you can roam around without a datacard as the only means for your laptop on the middle of nowhere. This credit card size access point can connect multiple devices such as your iPhone or a laptop. I havent bought a gadget in awhile, but this might be the one.

mifi_full

Sitting on the plane for three hours in a delay might be more tolerable if you can get online. Not having to pay for TMobile hotspot access and not being tethered to your laptop, all great features. But what about the dangers?  Wireless security is a challenge here and it should be addressed sooner rather than later.

The wireless risks actually havent changed. But the reality is that if someone uses the MiFi to connect their IPhone rather than using the ATT network to browse, do you think they will think as much about security as if they used a laptop? Probably not.  Using portables to get online doesnt seem as dangerous as a laptop does it? People equate more “data” risk with a laptop, but most portable devices have tons of stored data, contacts, files etc. They are at risk and the education isnt there yet about these risks. Should you be running antivirus on your portable device? Should you have an iPhone Firewall application?

So what do you need to do? Well the steps are pretty much the same as for other wireless hotspot access points:

1) Require encrypted authentication

2) Change default username and passwords

3) Disable broadcast of the SSID

4) Enable logging and alerting

5) Have hostbased security tools such as antivirus, firewalls and intrusion detection on your portable devices if possible.

If you are so old fashioned that you dont have one of these in your pocket and you need a hotspot, try the HotSpot finder Jiwire, http://www.jiwire.com/  Here are some interesting Wifi hotspot stats from Jiwire

Top 10 Location Types

RankTypeLocations
1Hotel / Resort59,224
2Cafe39,310
3Other38,430
4Restaurant37,159
5Public Space / Public Building19,386
6Store / Shopping Mall16,063
7Office Building10,145
8Pub5,478
9Hotzone5,413
10Airport2,938

 

Gary Bahadur

baha@kraasecurity.com

http://www.kraasecurity.com

http://blog.kraasecurity.com

http://twitter.com/kraasecurity

*Vulnerability Management

*Compliance & Policy Development

*PGP Security

*FREE Website Security Test

Enhanced by Zemanta