CPA Practice Advisor

NOV 2018

Today's Technology for Tomorrow's Firm.

Issue link: https://cpapracticeadvisor.epubxp.com/i/1051460

Contents of this Issue

Navigation

Page 30 of 33

NOVEMBER 2018 ■ www.CPAPracticeAdvisor.com 31 THE 21ST CENTURY ACCOUNTANT BRIAN F. TANKERSLEY CPA.CITP, CGMA (@BFTCPA, CPATechBlog.com K2 Enterprises brian.tankersley@cpapracticeadvisor.com A USER'S GUIDE TO ENCRYPTION PART THREE: ENCRYPTING WI-FI Note: This is part three of a series. The first column discussed practical methods to encrypt data “at rest” (www.cpapracticeadvisor.com/12423152), while the second one details encrypting data while it is “in transit” with secure portals and encrypted messages (www.cpapracticeadvisor.com/12423261). I was at the barber shop recently, waiting for my appointment, and another patron asked the barber, “Do you have Wi-Fi?”, and the barber pointed at a sign on the wall with the name of the wireless network, which was an “open” wireless network that had no security. While we have all used public wireless networks, whether in barber shops, coffee shops, hotels, libraries, schools, or airports, there are risks associated with using public networks which can be mitigated, but not eliminated, by scrambling your data transmissions using encryption. Two major methods of accomplishing this are using Wireless Network Encryption or creating a Virtual Private Network (VPN) with another computer, perhaps using the internet to connect a device to a server at your office. We will discuss Wireless Network Encryption this month and will cover Virtual Private Networks next month. The shocking reality is that unless you use one of these technologies, some of the data you transmit over an open wireless network can be intercepted on a nearby computer and read by someone else – think of this as “digital eavesdropping.” When you connect to Wi-Fi at a coffee shop, use wireless internet on an airplane, or connect at a hotel or restaurant, you should assume that everything you do can be watched by your neighbors. In the early days of Wi-Fi, many users I know had their e-mail credentials and messages stolen out of thin air over the wireless network in hotels, and over 10 years ago we adopted VPNs or use our own cellular internet connection devices instead of the unencrypted hotel internet. The standard rule became “no public Wi-Fi” use permitted, and this rule is likely to change as noted below. Wireless Network Encryption While no current wireless security standard is perfect, Wi-Fi Protected Access (WPA2) is one of the most secure protocol] available in current networking hardware used to encrypt data while it is being transmitted over the radios used in a wireless network. When you connect to a wireless network with WPA2, you must have the name of the network (SSID) as well as enter a shared “network security key” which is used to identify you as an authorized user of the networka href=”#_ftn2” name=”_ftnref2”/a. The network security key also facilitates your computer and the wireless access point hardware exchanging encryption keys (strings of data used like passwords) with each other. Your Wi-Fi radio then uses the encryption keys to scramble data it transmits over the wireless network and descramble radio signals received from the access point’s radio over the wireless network. Since the encryption keys on each computer are unique to your device, and only the wireless access point can decrypt each individual conversation, you can’t snoop on the radio traffic of other devices even though you’re using the same network, secured with the same network security key. A new standard called WPA3 has been approved and when implemented, it will provide encryption on all wireless networks – even open networks like those available in hotels, airports, and coffee shops. Unfortunately, very few devices available in the market as I write this (in September 2018) can use this standard. It will be years before all devices are required to meet this standard, so we will have to wait for everyone to replace their devices and upgrade their wireless networking hardware before we can take advantage of the new standard and its security enhancements. In our final installment in this series, we will conclude our discussion of encryption with virtual private networks. ■

Articles in this issue

Links on this page

Archives of this issue

view archives of CPA Practice Advisor - NOV 2018