Companies and consumers are using Wi-Fi networks more than ever, although security measures aren’t always keeping pace, according to a new study from security firm RSA.
The seventh-annual Wireless Security Survey showed “dramatic” growth of wireless networks in New York, London and Paris.
And at a time when concern over data security is at an all-time high — especially as the implications of high-profile breaches like TJX’s are still being felt — the study found that enterprises and home-based networks are incorporating better Wi-Fi security standards than they were in the past. There’s still much room for improvement, however, RSA said.
In New York City, the number of wireless access points increased 45 percent from 2007, although that figure represented a slight slowing in growth rate from the 49 percent it saw in 2007. The survey, conducted by RSA, the security division of storage titan EMC (NYSE: EMC), reported approximately 9,000 access points in operation in New York.
In comparison, the number of access points in Paris grew 543 percent from last year to 4,481, while London retained its title as the “most wireless city,” with 12,276 access points.
For the first time, the survey also identified the number of at-home wireless networks in play around metropolitan financial centers. In New York City, 19 percent of access points were based inside the home, while the figure was 21 percent in Paris and 55 percent in London.
When it comes to the number of public hotspots — working on a pay-as-you go or pre-paid basis — New York City saw year-to-year growth of 44 percent, with public hotspots now accounting for 15 percent of all of its access points.
Paris saw the most growth in public hotspots, with an over 300 percent increase, although public access points only account for 6 percent of all of the city’s access points. London, meanwhile, brought up the rear in public access growth with a 34 percent increase. As a result, London’s public access points represent 5 percent of its total Wi-Fi access points.
While strong growth continues for Wi-Fi deployments in each of the three cities,
The RSA study also found that 97 percent of New York City’s corporate access points featured some level of encryption — an increase of 21 percent over last year and the greatest growth spike in the seven years of the study. In Paris, 94 percent of business’ Wi-Fi access points had some form of security, while only 80 percent of London’ business access points were secured.
In many cases, home networks appear to be more security-savvy. According to the report, 97 percent of New York City’s at-home Wi-Fi access points use encryption, with 61 percent of those networks using advanced encryption.
In Paris, 98 percent of the City of Lights’ at-home Wi-Fi installations were protected by encryption standards, while in London, more than 90 percent of consumers had set up security for their in-home Wi-Fi access points.
“This is good news for businesses and consumers alike,” the study said.
More secure, but gaps remain
Another positive security trend is that enterprises and consumers are moving away from basic Wired Equivalent Privacy (WEP) encryption standard, adopting more secure technologies instead, the survey found. As a result, a growing number of businesses and consumers are dropping WEP in favor of Wi-Fi Protected Access (WPA) or a more advanced edition of the protocol, WPA2.
The report said that New York City-based WPA use reached 49 percent during the year, with 50 percent of all businesses having adopted WPA or stronger security.
“Overall, the adoption of non-WEP advanced encryption is encouraging,” the survey said.
The rest of the wireless networks it surveyed in New York either used WEP or lacked encryption at all, however.
In Paris, the story was more promising: 71 percent of the overall Wi-Fi access points RSA found used WPA or WPA2, with 72 percent of businesses’ access points using the technology. London lagged behind, with only 48 percent of its overall access points and 48 percent of its business access points using security stronger than WEP.
“We strongly urge wireless network administrators to discount WEP as a viable security mechanism and upgrade to WPA or stronger,” the survey said, stating that failing to do so can leave companies “vulnerable to whole classes of attacks against both access points and wireless client computers.”