RealTime IT News

A 'SaaSy' Approach to Wireless Security

With the growth of the mobile workforce, wired security has become the phrase on many lips in corporate IT.

The International Information Systems Security Certification Consortium, or ISC2, reported recently in its latest global information workforce survey that wireless security solutions constitute the leading IT security technology planned by tech staffs -- with 15 percent of the study's more than 7,500 respondents looking to implement them.

But one company is banking that they will gravitate toward a solution based on software as a service (SaaS) when enterprise IT staffs realize the expense and time associated with identifying weaknesses and installing equipment.

Enter AirTight Networks, which last month launched its a SaaS wireless security solution, SpectraGuard Online.

Ideally, a wireless SaaS security solution cuts costs for customers by removing the need for them to install, support and maintain the back-end infrastructure; it also ensures access to the latest technologies.

Take Andreini & Company. The nearly 60-year-old independent insurance broker, which has about 50,000 customers and writes about $500 million worth of policies yearly, had been struggling with illicit Wi-Fi use.

Although the company officially prohibited wireless network access, employees were still using e-mail and surfing the Web from their laptops during meetings, the company said.

"There were breaches of our 'No Wi-Fi' policy, but we didn't know where or how ... we didn't know what was going on," Senior Vice President Mike Brunn told InternetNews.com.

Brunn ultimately signed on with AirTight as a beta customer after being enticed by what he saw as "a very cheap method of implementing a wireless security policy," he said, "about $1,800 for a year."

Two days after bringing in AirTight, he got a report "riddled with all kinds of alerts," Brunn said. Once he said he realized the scale of his breaches, Brunn said Andreini then signed on for AirTight's full vulnerability remediation service.

The allure of SaaS

The inexpensiveness and ease of use involved in setting up a SaaS-based solution is one reason behind the trend's burgeoning uptake in the enterprise. Now, AirTight is aiming to reap the benefits of SaaS with its take on wireless security.

The company's solution "is a pretty low-barrier way to understand what's happening without a long-term commitment," Lisa Phifer, president of network and security consultancy Core Competence, told InternetNews.com. "The more sites you have the better that proposition looks."

AirTight also generates tailored reports for clients on their wireless security, Phifer said, so, "retailers that have to worry about PCI compliance get a report that's tailored to PCI regulations, so they can take action on it rather than just being faced with this mountain of data."

One aim of SaaS solutions like AirTight's is to woo help small and medium-sized business that can't afford the cost of standard wireless security solutions, as well as large enterprises with multiple sites.

Consequently, AirTight is banking that potential clients will be looking to switch to SaaS from a deployed solution, where "the hard part is justifying paying for the infrastructure," Phifer added.

In the very near future, wireless security -- now the province of larger enterprises -- is going to become crucial to companies of all sizes, making it increasingly critical for firms to have affordable solutions in place.

"As wireless becomes more and more ubiquitous -- 95 percent of laptops have Wi-Fi embedded in them, and more and more handheld devices have Wi-Fi -- we're coming to a stage where we'll be vertical-agnostic as to who needs wireless security," James Brehm, senior consultant at Frost & Sullivan, told InternetNews.com.

"Think about the warehouse that's using Wi-Fi bar code readers within their network. If their network goes down, they're dead in the water for shipping and materials handling and collecting more revenues," he said, adding that "eighty percent of business types in the U.S. have some sort of wireless network."

The SaaS approach was one reason online real estate listing service LoopNet (NASDAQ: LOOP) also signed on to become an AirTight client.

"We've been looking at wireless security solutions for a while, and everything we saw was too expensive," said LoopNet CTO Wayne Warthen. "They were great for a large company but we're relatively small, with about 300 people."

Another potential attraction is the benefit of having outside parties ensuring security -- a plus when it comes to having to meet compliance requirements.

During an earlier audit of the company's wireless network, "we spent several days to check every single access point, confirm we had security set up and so on," Warthen said. "It was a lot of work."

Since then, LoopNet joined AirTight, and Warthen now has higher hopes in the event of future audits.

"Our auditors like to see where there are third parties involved in checking your system," he said.