Vulnerability Management

Google data collection scandal reveals careless security at Wi-Fi access points

The news that Google saves unencrypted content from Wi-Fi networks as it collects data for its Street View mapping service is creating an uproar among the public.

More and more data protection specialists are leveling harsh criticism at the company. They shouldn't be.

What is so alarming about the Google Wi-Fi scandal is not the fact that data was collected. The central problem lies elsewhere.

There are numerous unprotected Wi-Fi networks in the United States, and the Google issue has made people aware of how carelessly they treat their data on a day-to-day basis. The fact is Google did not "hack into" any of these networks, nor did it access this data through illegal methods.

The Street View cars simply collected data that was, metaphorically speaking, floating around in the air already. In any case, the company did no more with this data than save it. Anyone with a reasonable grasp of technology can collect Wi-Fi data these days.

It is not difficult to protect wireless access points.

In recent years, many manufacturers have marketed secure consumer solutions aimed specifically at private households, which can be configured at the touch of a button.

However, it is not so simple for businesses. They have different requirements, and enterprise wireless security solutions are generally still inflexible, expensive and complex. As a result, companies either forego Wi-Fi altogether, despite its business benefits, or they rely on cheaper consumer solutions.

This can be dangerous, as these versions naturally provide a much lower level of security than enterprise solutions. An enterprise solution should be able to do more than manage an access point centrally, for example. It should also be able to support strict authentication in relation to Active Directory, for instance.

Secure, convenient guest access is also a standard feature of an enterprise solution. If a company opts for a consumer product, there is no guarantee that it can be securely integrated with the operating environment and the security policy.

It is particularly important to ensure that a Wi-Fi security solution fits seamlessly into the security infrastructure in place, including features such as the firewall, VPN, and content filter.

From a security perspective, it is less important to ask whether Google was right or wrong to collect data. Instead, Wi-Fi users should ask themselves whether they wish to continue to leave their poorly protected or even unencrypted data lying around or whether they would rather take action to prevent others from accessing it.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.