Companies rarely use 802.1x and thus leave the door open for hackers, according to Robert Lamprecht, IT advisory supervisor at KPMG.
“With 802.1x, unauthorized users can’t get access to your network. Without it, you are vulnerable to people who can come in and steal information,” said Lamprecht, who spoke at the European Computer Audit Control and Security Conference in Stockholm.
But so far, that argument apparently hasn’t convinced many companies. When Lamprecht asked audience members during a session on wireless security if they used 802.1x, only a few out of about 100 participants raised their hands.Part of the problem is awareness, according to Lamprecht. Many people still see internal networks as secure. But a bigger problem is complexity.
“Implementing 802.1x requires a lot of work. Companies often have to change their whole architecture,” said Lamprecht.
Management software is getting better and easier to use, but companies still have to use different tools for hardware, software and identity, which creates a lot of overhead. On top of Lamprecht’s wish list is a tool that can do all three and reduce management costs.
“It is and will continue to be a hot topic, so we will probably see [such a tool] in three years,” Lamprecht said.
.gif)
