2006: Wireless and security hot ticket items

Demand was high for wireless networks this year as more state and local governments, emergency responders, and the Defense Department tested or deployed the technology. A rise in thefts of government laptop PCs that contained sensitive information and the need to meet Homeland Security Presidential Directive 12 requirements spurred demand for information security technologies.  Here are some highlights.This was the year WiMax lived up to its billing as the next big thing in wireless technology. WiMax aims to build on Wi-Fi’s popularity. Wireless hot spots employing the 802.11 Wi-Fi standard have proliferated nationwide, but each access point provides coverage to an area measured in feet. WiMax, on the other hand, can offer as much as 31 miles of coverage on a line-of-sight basis. The technology also offers greater bandwidth and supports higher-level networking protocols than Wi-Fi. The arrival of standards and interoperable products coincides with local governments’ pursuit of ambitious wireless projects. For example, Minneapolis, San Francisco and Philadelphia plan to launch municipal wireless networks to serve residents and attract businesses. WiMax could play a role in those initiatives, government and industry executives say. Federal agencies, including DOD, have expressed interest in the technology. The port city of Corpus Christi, Texas, has attached 300 wireless access points to traffic signals, streetlights, water and radio towers, and buildings to provide a blanket of IP network access across 24 square miles. Within five years, city officials plan to expand that to 1,600 wireless access points spread across 147 square miles.The Corpus Christi network uses wireless mesh technology, a newer and more versatile version of the popular Wi-Fi gear that creates wireless hot spots. It promises to help public works crews, police officers, and fire and rescue squads communicate and access information, such as real-time video, city maps and inventory. Schoolchildren will also be able to use the network to access the Internet and keep in touch with teachers, and Internet service providers will resell it as wireless broadband connectivity to businesses, residents and visitors.The Joint Task Force-Civil Support and the Joint Forces Command are testing wireless technology needed to assist first responders and civilian agencies during a chemical, biological, radiological or nuclear attack. As part of the Northern Command, JTF-CS is the first military team on the ground during such crises. The unit must integrate its efforts with first responders and civilian agencies. Lives depend on its ability to deploy quickly and set up operations. But JTF-CS members are slowed by the thousands of feet of wires and cables they need to set up their command post. They must load, unload, install and maintain a web of wires, and those are time-consuming tasks. JTF-CS officials say wireless networks are the solution. Only fixed military sites  can install wireless local-area networks. Tactical units on the front lines cannot set up WLANs quickly and securely. But now JTF-CS and the Joint Forces Command say they hope to fill that need with a program called Wireless for the Warfighter. The program provides a wireless extension for computer and phone lines that warfighters can set up in a crisis within minutes rather than hours. To encrypt or not to encrypt? When protecting sensitive data, that is not a question. Sensitive information, whether transmitted via a network or stored in databases or on laptops, must be encrypted to protect against theft and misuse.After the data theft involving a Department of Veterans Affairs employee whose stolen laptop contained the Social Security numbers and other personal information of 26.5 million veterans, experts say organizations should be looking for products that can protect data regardless of its location.RSA Security launched an initiative recently to offer companies and government agencies a more comprehensive approach to enterprise data protection. The aim is to protect sensitive data wherever it resides: at the application level, within databases, in files and operating systems, on laptops and mobile devices, or in storage.Meanwhile, Ingrian Networks is taking a different approach by storing encryption keys on a security appliance rather than on servers where encrypted data resides, which is where most software-based encryption products store them.Every electronic document has three states of being: rest, transit and use. Typical security products have focused only on the first two states: protecting information while it resides in a repository or moves across a network. A new category of security software called enterprise rights management  is offering a way to protect information while it’s in use.The emerging technology relies on encryption, audit trails and the application of fine-grained user controls that limit the data people can access and how they can use it, said Trent Henry, a senior analyst at the Burton Group. The government’s new identity credentials will provide better building security once agencies acquire card readers and other information technology infrastructure products. But agencies and security vendors are already thinking of additional uses for the smart card identity credentials that HSPD-12 required agencies to begin issuing Oct. 27.Security experts who advise federal agencies say the applications for secure identity credentials are nearly limitless, and the secret to their versatility is in the cards.