Wireless Security for the Legal Profession
What lawyers should know about wireless connections and security.
Wireless computing and communication devices are everywhere and used by everyone, including legal professionals. Although extremely convenient, using a wireless communication device may not be appropriate for sensitive and/or confidential matters, due to the unsecure nature of wireless connections. Lawyers should be aware that wireless networks and devices are vulnerable to security breaches. As corporate and business use of wireless networks increases, and as wireless capabilities expand, the existing wireless security issues will be magnified.
Types of Wireless Connections
In the U.S., the main types of connections used for wireless computing and communication is WLAN, also known as WI-FI.
WLAN and WI-FI
The first type is a fixed wireless connection, most commonly a wireless local area network (WLAN) connection with laptop or tablet computer or smart phone. This type of connection is also known as WI-FI, which is a trademark name to brand devices compliant to IEEE 802.11 standards.
Wireless LAN connections are the more secure of the two connections. WLAN (and WI-FI) connections can be secured if users take basic precautions, such as: i) turning off the LAN access point (AP) SSID; and ii) activating Wi-Fi Protected Access (WPA2). These two operations make it difficult for would-be-intruders to detect and access your wireless network. Failure to take these simple precautions could result in the unauthorized use and/or misuse of information available through your wireless network.
Even with basic protections activated, wireless LAN and WI-FI connections are not totally secure. For example, attorneys should exercise caution when communicating confidential information on various forms of low-security Internet communication, such as Instant Messaging while using a public WI-FI connection.
Security threats to the wireless domain can range from relatively harmless free Internet access, to malicious intrusion, data theft, snooping, interference, destruction, and virus attack.
Unencrypted text messages can easily be forwarded to unintended recipients.
Another common vulnerability of wireless networks is "war-spamming." This occurs when an unauthorized person intrudes into an open access point (AP) of a wireless LAN, and uses it to send out spam email. Recipients of the spam would then believe it originated from the legitimate owner of the wireless network.
Viruses and can attack both WLAN and PCS wireless connections. Although most viruses are written for Windows and DOS based computers, the prevalence of mobile viruses that attack smart phone operating systems are increasing.
While wireless networks and devices allow great convenience for communication and computing, the security of the wireless domain is not impervious to intrusion and attack. The more people use wireless for valuable communications, the more attractive wireless becomes to attackers. Legal professionals who use WLAN / WI-FI connections should secure their networks and communications by employing the WPA2 protection that is often included with their wireless hardware. Until better forms of security are established for PCS connections, the legal profession should not depend on devices such as mobile phones, handheld PCs and PDAs, for secure confidential communications.
August 2014 Editor’s Note: This article has been updated to reflect the fact WPA is a far more secure encryption system than WEP and is more suitable for lawyers due to its stronger security capabilities.