Problem solve Get help with specific problems with your technologies, process and projects.

Is WEP sufficient?

My boss thinks that 40 bit WEP running on our wireless LAN access points is sufficient. I disagree. Will you help resolve this dispute?
Actually, you're both right. You boss is correct in that the flaw in the wired equivalent privacy (WEP) encryption algorithm is independent of the encryption key length (40 bit vs. 128 bit). Therefore, 40 bit encryption works just as well as 128 bit encryption with WEP enabled. This will be resolved in the upcoming WPA/TKIP standards. You are correct in that WEP isn't the only security mechanism that needs to be in place. There are dozens of physical access, AP hardening, and client security issues that need to be addressed to properly deploy a secure wireless LAN. Stay tuned to my future postings where I hope to address these.

Dig Deeper on Enterprise mobile security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.