Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Issues in large scale wireless and VoIP deployment Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Issues in large scale wireless and VoIP deployment Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein"— Presentation transcript:

1 Security Issues in large scale wireless and VoIP deployment Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein Andrew.Yeomans@drkw.com Wi-Fi Summit - October 2005

2 2 Dresdner Kleinwort Wasserstein (DrKW) DrKW is the investment bank of Dresdner Bank AG Member of the Allianz Group Headquartered in London and Frankfurt, offices in New York, Chicago, San Francisco, Boston, Tokyo, Sao Paulo, Paris, Milan, Beijing, Shanghai, Hong Kong, Luxembourg, Kuala Lumpur, Warsaw, Moscow, St. Petersburg, Singapore, Johannesburg, Madrid, Zürich Employs approximately 6,000 people around the world More than € 2 billion operating income in 2004

3 3 Relocation to 30 Gresham Street, London

4 4 With latest technologies Voice-over-IP (fixed and mobile) Wireless 802.11 Guest wireless internet access for visitors Staff access in meeting rooms

5 5 With latest technologies

6 6 Desire and lust for shiny new technology! Truly mobile computing – Work from the coffee lounge or canteen Wireless IP phone from anywhere in building Technology is cool Of course it’s secure!

7 7 Fear, Loathing and Rejection (Jim Herbeck) Protocol flaws Implementation flaws Usability – need another mobile? War driving, War chalking AirSnort, Kismet, WEPcrack Denial of Service … but are these real?

8 8 What can you do with an old laptop and a scenic view?

9 9 And a couple of old techies?

10 10 Results 150 + wireless networks seen Just using internal PCMCIA aerial Only half used WEP encryption (some are hotspots) With aerial can pick up Canary Wharf – 4 km away “The Feds can own your LAN too” – in 3 minutes http://www.tomsnetworking.com/Sections-article111.php Packet injection attacks

11 11 And that’s not all … Use in hotspots – real or fake? Home networks – set up securely? Location-sensing required – e.g. personal firewalls Insider threats – inadvertent and malicious Stolen devices (with keys) Other wireless devices

12 12 Floods of vulnerabilities

13 13 Means anticipating failure

14 14 But the new devices fix it, don’t they? "Those who cannot remember the past are condemned to repeat it." - George Santayana, The Life of Reason WEP -> WPA -> WPA2 (802.11i) -> ?? But devices are upgradable.. Or are they? And it takes years to flush out the old equipment So hotspots support least common denominator So have to run IPsec or SSL/TLS instead Unless you really can design from new

15 15 In conclusion Assess risks Confidentiality, Integrity and Availability are still key Anything can go wrong – so be prepared for failure Put appropriate policy controls in place Trust – but verify – check configurations, monitor data Work with your security people And reap the business benefits!

16 Questions? Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein Andrew.Yeomans@drkw.com Wi-Fi Summit - October 2005

Download ppt "Security Issues in large scale wireless and VoIP deployment Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein"

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Real world application Corporate Wireless Networking Andrew Yeomans DrKW & Jericho Forum Board.

Real world application Corporate Wireless Networking Andrew Yeomans DrKW & Jericho Forum Board.
Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,

Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,
Singapore lah? James Norris

Singapore lah? James Norris
IT GOVERNANCE COMMITTEE MEETING February 19, 2008.

IT GOVERNANCE COMMITTEE MEETING February 19, 2008.
Prepare for the future  The de-perimeterised “road-warrior”  Paul Simmonds ICI Plc. & Jericho Forum Board.

Prepare for the future  The de-perimeterised “road-warrior”  Paul Simmonds ICI Plc. & Jericho Forum Board.
Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,

Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,
By Abdullah Al-Dossary Ahmad Al-Suhaibani

By Abdullah Al-Dossary Ahmad Al-Suhaibani
Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
Network Policy (slides by Jeremy, Brian, and Daniel)

Network Policy (slides by Jeremy, Brian, and Daniel)
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
Wireless Security. Why is it important? Wireless security is the prevention of unauthorized access or damage to computers using wireless networks. Over.

Wireless Security. Why is it important? Wireless security is the prevention of unauthorized access or damage to computers using wireless networks. Over.
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.

Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.
Wireless Vulnerability Management  2008 AirTight Networks, Inc. Wireless Vulnerability Assessment – Airport Scanning Report Part - II A study conducted.

Wireless Vulnerability Management  2008 AirTight Networks, Inc. Wireless Vulnerability Assessment – Airport Scanning Report Part - II A study conducted.
 2009 AirTight Networks. Financial Districts Wireless Vulnerability Study A study conducted by AirTight Networks, Inc. www.airtightnetworks.com.

 2009 AirTight Networks. Financial Districts Wireless Vulnerability Study A study conducted by AirTight Networks, Inc.
By: Christopher Henderson.  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service 

By: Christopher Henderson.  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service 
DIRECT-TO-CLOUD Issues & Implications Dale McCarty.

DIRECT-TO-CLOUD Issues & Implications Dale McCarty.
Cyber Security Finance Forum 2012 Michael DuBose Managing Director & Practice Leader Cyber Investigations.

Cyber Security Finance Forum 2012 Michael DuBose Managing Director & Practice Leader Cyber Investigations.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Similar presentations

Ads by Google