On December 29th, Information Week announced that a German computer scientist cracked the encryption algorithm that secures 80% of the world's mobile phones. This means more than 3 billion mobile users, in over 200 countries, could be compromised. That sounds big, but just how big is the threat, and what does it mean to your enterprise?
The GSM Association asserts the hackers’ ability to break GSM encryption is a long way from being a practical attack, and does not present an immediate danger to GSM security. And, the potential threat to GSM security does not affect the security of 3G or 4G networks.
Even so, the potential security breach with such global implications does make one pause and ask “just how secure is my wireless network and the devices accessing the network”? Wireless technology, in general, makes people concerned when speaking of security. And enterprises, arguably, are most concerned with wireless security since sensitive corporate conversations and data are transmitted and accessed over the air.
Truth be told, security is stronger than ever today, and built ubiquitously into service provider networks, WLANs and devices. Add to this that enterprises integrate their own additional layers of security, and the corporate security posture can be very robust.
For enterprises leveraging 3G and 4G technology, consider the strength of current layers of security: the physical layer, VPN’s, authentication, encryption, wireless intrusion protection, and access control. And, as new devices come to market, security mechanisms are integrated, such as the authentication and identification system in the new Sprint 3G/4G modems. While security is stronger than ever before, the abundance of new threats continues to cause IT organizations to remain vigilant in protecting the enterprise.
I venture to say most users rarely think about security until an incident makes the news (such as the GSM code hacker), or when an incident becomes personal like identity theft. We take security for granted. For IT, the risk of a security breach is constant.
In the end, what hackers and security threats really do is propel IT experts within the enterprise security ecosystem, to be smarter. We perform at our best. The hackers challenge us and play games. We check mate. And we are better for it, as we build faster, more powerful, and the most secure networks of our time.