|Page (1) of 1 - 11/23/10||email article||print page|
As more and more employees bring smart phones, PDAs, and wireless laptops into the corporate environment, CIOs need to determine whether it makes sense to upgrade the entire organization to a wireless architecture.
Wireless may seem convenient and preferred from a user standpoint, but CIOs must balance user satisfaction with other major concerns, such as maintaining an environment where information is always secure and always available.
Security is top concern
Security is often the number one concern CIOs cite in reference to going wireless. If the idea of all those bits flying through the air isn't enough to make CIOs uneasy, then the constant evolution of wireless security protocols is. Initially thought to be secure, the Wired Equivalent Privacy (WEP) encryption protocol in the 802.11 standard turned out to have several weaknesses that allow an intruder access to a wireless network, according to the Wi-Fi Alliance.
Wi-Fi Protected Access (WPA) and the newer Wi-Fi Protected Access 2 (WPA2) were designed to sew up the security holes in WEP and offer strong encryption and authentication to protect data and keep rogues off the network. Nonetheless, many analysts still recommend that enterprises force employees to access the corporate network through a virtual private network (VPN) as an added precaution. Although it's not always necessary, it can provide more peace of mind.
"People don't realize how naked they are when they go wireless," says Roger Kay, president of Endpoint Technologies Associates, a high-tech research firm. "Unless they use encryption or a VPN, virtually anybody can snoop and sniff their data. These are the things that make IT very afraid."
Weighing the pros and cons
Indeed, electronic data is always at risk -- a point illustrated by the virus-and-patch dance that hackers and vendors engage in daily. Just as quickly as vendors release new security measures, hackers evolve their modes of attack to get around them. Given that wireless networks can be just as secure or insecure as wired networks, what else is at stake for CIOs and their organizations when deciding whether to go wireless?
Wireless networks can provide a number of benefits to an organization:
- Workers may be more productive
- Mobility can potentially increase employee satisfaction
- Temporary networks are quick and easy to set up
On the other hand, wireless networks have some possible drawbacks:
- They require constant, careful attention to security
- Hard costs, such as equipment and time to implement, are all up front and can be high
- IT staff must expand roles and responsibilities to manage the wireless network, often without -additional resources
Assess the organization's needs and goals
Wireless may be the wave of the future, but that doesn't mean it's right for all organizations or even all departments within an organization. To assess whether an enterprise is ready to cut the cords, CIOs should consider a few key points.
- Level of security required Although nobody wants their data visible to possible intruders, organizations in certain industries will suffer more severely than others if data leaks. This situation was clear to Joe Wood, vice president and CIO of Columbus Regional Healthcare System in Columbus, Ga., when he was deciding whether to go wireless. In health care, legislation such as the Health Insurance Portability and Accountability Act (HIPAA) spells out tough standards that organizations must uphold -- or face stiff fines and penalties.
"Obviously, there's a lot of private information held in electronic medical records, and our livelihood would be at stake if some of that information got out," Wood says. "If a hacker sitting in our parking lot somehow got into the system and accessed an electronic record, there are a lot of lawyers out there looking for things like this."
- Staff resources to manage wireless With the right tools, it's possible to set up and manage a wireless environment with a pretty lean IT staff. But a wireless infrastructure does add responsibilities to IT's shoulders, and someone has to carry the burden -- usually existing employees who must take on additional duties. If the current team doesn't have the skill set to manage a wireless environment, can the existing budget support training? If current employees are maxed out, can the budget support the burden of additional headcount?
- Potential productivity gains In a 2004 CIO Insight study of 250 IT executives, 77 percent said one of the greatest benefits resulting from wireless technology was increased productivity. After determining which employees might benefit from wireless access, CIOs should attempt an ROI analysis that predicts productivity gains. For example, determine approximately how many extra hours of productivity will come from each employee who will have wireless access. Then, based on the employees' salaries, determine how much that productivity equals in dollars. Finally, weigh that number against all of the hard and soft costs of a wireless deployment. "The problem with that argument is that the expenses are hard and up front while the savings are soft and on the back end," says Endpoint's Kay. "IT has to pay for the hardware, infrastructure, software, and training -- and that's all before you get the first hour of productivity. And even then, how does IT know you're actually being productive to the company?"
Assess the current environment
Are employees already using wireless? If so, CIOs need to either shut down ad hoc access points or bring wireless under the umbrella of the corporate IT infrastructure. But CIOs should note that if ad hoc, unofficial access points already exist, that's a sign that users want -- and are already benefiting from -- the freedom that wireless provides.
Above all, remember: Wireless is young
Although it's a great feeling to have access to corporate applications and the Internet from nearly anywhere on campus, CIOs should remember that wireless technology is still in a nascent phase. It's evolving constantly, especially in terms of security. For some CIOs, this fact will be enough to put a damper on requests for wireless networking. Eventually, wireless security may reach a level of maturity that will make more CIOs eager to embrace it. But in the meantime, it's the CIO's job to manage the delicate balance of information availability and information security -- and to determine whether wireless tips the scales too far in either direction.
Tara Swords is a Chicago-based journalist who has written about business and technology for more than eight years.
Copyright (c) 2010 Studio One Networks. All rights reserved.>