SMEs score low on wireless security

PUBLISHED : Friday, 05 March, 2010, 12:00am
UPDATED : Friday, 05 March, 2010, 12:00am

Thousands of small and medium-sized companies that use wireless technology can eliminate the risk of attacks from hackers within minutes and at no cost, technology consultants say.

Simple tips for setting up a secure Wi-fi computer system include creating a password with letters and numbers, changing the password regularly and switching to newer encryption settings. 'Most of the bosses are not IT people; they are focused on their businesses,' Ken Fong, chairman of the Wireless Technology Industry Association, said. 'They don't need to spend any money - just take about 10 minutes to change the settings.'

Fong's remarks followed a survey carried out by his association and the Productivity Council, which found that 55 per cent of SMEs in the retail and logistics sectors failed to protect their Wi-fi access points adequately.

The poll, which surveyed 122 SMEs between June and December, found more than half had either poor computer security under the outdated Wireless Equivalent Privacy (WEP) encryption or no protection at all.

Fong said newer versions of Wi-fi encryption, such as WPA and WPA2, provided far greater protection, but were used by only 45 per cent of the poll respondents. This contrasted with the finding that 70 per cent believed their Wi-fi networks were safe.

'People can steal the identity of the IP address', which would expose sensitive data such as passwords and credit card details, Lawrence Cheung Chi-chong, the council's principal consultant for IT industry development, said. Retail clients might also be put off by the slow internet access resulting from hackers clogging up the wireless bandwidth, Cheung said.

The city has about 47,000 small to medium-sized retailers, 3,000 logistics firms and 12,000 restaurants.

Teresa Ng, who runs TC2 Cafe Workshop in Yau Ma Tei, said she had no idea that she could adjust encryption options to secure free Wi-fi network for customers.

Ng said customers who wanted to use Wi-fi must ask the cafe for a password, which was rarely changed. She presumed the customers were aware of the risk of information leaks.

'Customers have the responsibility to protect their personal information. They have to bear the risk when they use Wi-fi,' she said. 'I think customers should not do such private things as credit card transactions in a public place. It's common sense.'

Unsafe surfing

The percentage of public Wi-fi access points found in locations easily accessible by anyone: 41%