UPS delivers security in its wireless network
- By Bob Brewin
- Nov 07, 2004
According to United Parcel Service Inc. officials, they operate the world's largest wireless network to support the company's hubs and stations. They consider this network so critical to daily operations that they apply wireless security from the top down.
Joe Lawless, UPS' department manager for global network system design, said officials at the company, based in Atlanta, have centralized configuration management of 7,000 Wi-Fi access points used in their domestic hubs, sorting stations and offices. Their management system ensures rogue access points are not connected to the network.
These access points eventually will support the use of 50,000 wireless terminals equipped with bar code scanners, which help UPS employees manage sorting operations. UPS officials have moved well behind the lowest level of Wi-Fi security, the Wired Equivalent Privacy (WEP), to ensure that only authorized devices can communicate with the company's wireless network, Lawless said.
WEP is flawed because it uses static keys to protect data, so UPS officials adopted a product called KeyGuard from Symbol Technologies Inc., which changes keys on a per packet basis, Lawless said. This method ensures that even if hackers capture one key, the rapid rotation of keys will not allow them to cause significant damage.
UPS officials also try to limit signal spillage beyond their property to deter hackers who attempt to sniff out networks with high-gain antennas. "We try to keep in mind that someone might be out there with a high-gain antenna" when setting Wi-Fi power levels, Lawless said.
Company officials also have decided to bolster their Wi-Fi security with sensor technology that can detect the presence of rogue access points or hackers attempting to penetrate the network, he said. They have placed a bid for the technology.
Finally, physical security plays an important role in Wi-Fi security, Lawless said. UPS security guards routinely check facilities' perimeters for potential Wi-Fi hackers. Although it's expensive to install a Wi-Fi sensing system and perform perimeter sweeps at 400 domestic locations, he said, "it's better than the alternative: a 'CNN moment.' That's when find out you have a problem by seeing it on TV first."