The use of wireless networking provides a more versatile way to access the Internet and to use a laptop computer, broadening the scope of mobile computing. With the added benefits of a wireless network at the State University of New York at Fredonia, comes additional user responsibility. A wireless user must be aware of the inherent security issues that exist in a wireless environment. Caution must be exercised to ensure a safe, secure and reliable computing environment. This document contains a brief overview of wireless networking and proper computing habits in an unencrypted communication environment.
It is important to understand the unique nature of a wireless network. The differences in the infrastructure of a wireless network versus a wired network create areas of concern, which should be known by all prospective users. The Fredonia wireless network relies on the 802.11b networking protocol, which uses the 2.4GHz radio frequency range. In other words, communication of data between the client side and the wireless access point, or receiver, is broadcast over radio waves. This means that data is being transmitted in public airspace where the communication could possibly be intercepted by eavesdroppers.
802.11b supports many encrypted standards, such as WEP and LEAP, which provide a certain level of encryption for wireless networking communications. But Fredonia has decided not to employ these types of encryption due to known security weaknesses, which make the implementation of a WEP or LEAP encrypted network environment less beneficial in the long run, and due to a more effective alternative of Virtual Private Networking (VPN). Data sent and received over a wireless connection will generally be in clear text, and unencrypted.
Also, as with any networked computer, a computer on the wireless network will be open to possible unauthorized access from other parties on the network. Proper patching of operating systems and current Virus protection are required when using the Fredonia wireless network.
Proper Computing Habits:
- Wireless connections should not be considered your main network connection. They are intended for simple academic and personal uses such as web browsing and email.
- Unless you are using an encrypted protocol, do not use a wireless connection for any University business application, such as Banner web services.
- We strongly recommend changing your email password. Due to security issues with the wireless network, you should do this from a non-wireless computer.
We recommend that you take the following steps to ensure security:
- Avoid any credit card, banking, or other transactions which may give out sensitive data such as credit card or bank account numbers.
- Avoid using Telnet applications. The use of the SSH protocol as an alternative can be more secure.
- Avoid Web sites that require a username and password but do not use Secure Socket Layer (SSL) technology.
How to tell if a site is secured:
If you are viewing a secure site, your web browser provides a way of telling you the site is secure. The easiest way to do it is to just look at your browser window. All browsers provide a lock icon for secure sites. For most sites, only user logins need to be secured, to protect usernames and passwords, but for more sensitive sites such as credit card, banking, and online payment sites, the entire site should be secured.