SlideShare une entreprise Scribd logo

Wireless (In)Security Trends In The Enterprise

AirTight Networks
AirTight Networks

WiFi is proliferating fast. The convenience of wireless access, low cost, and plug-and-play nature of the technology have been the major drivers for WiFi’s popularity among home Internet users. Lately we are also seeing an increasing adoption of WiFi in the enterprise. More and more businesses are rolling out wireless LANs to cut costs and increase productivity. Today all laptops, PDAs, and smartphones have WiFi built in. WiFi hotspots, spanning coffee shops, hotels, airports, or even cities, are mushrooming to meet the growing demand of WiFi Internet access.

TechnologieBusiness
1  sur  5
Télécharger pour lire hors ligne
AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise A Whitepaper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Suite 200, Mountain View, CA 94043 www.airtightnetworks.com © 2009 AirTight Networks, Inc. All rights reserved.
AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise WiFi is proliferating fast. The convenience of wireless access, low cost, and plug-and-play nature of the technology have been the major drivers for WiFi’s popularity among home Internet users. Lately we are also seeing an increasing adoption of WiFi in the enterprise. More and more businesses are rolling out wireless LANs to cut costs and increase productivity. Today all laptops, PDAs, and smartphones have WiFi built in. WiFi hotspots, spanning coffee shops, hotels, airports, or even cities, are mushrooming to meet the growing demand of WiFi Internet access. Ironically, the unlicensed frequency spectrum, low cost, and ease of use — the major contributors to WiFi’s success — are also promoting its reckless use. Like any new technology, WiFi brings with it a unique set of security challenges. The prevailing “harden-my-network-perimeter” model of enterprise network security is rooted in the common belief that “being inside (on an enterprise LAN) is safe and outside (the Internet) is unsafe.” This model completely breaks down in presence of wireless. The data and the network are now in the air; the invisible radio waves cannot be confined to a building or behind a firewall, blurring the enterprise network perimeter. A hacker does not need to physically enter a building to bypass the firewall and access an enterprise network. Sitting in the vicinity (e.g., in the parking lot or a coffee shop across the street), the hacker can simply scan the air to discover WiFi vulnerabilities in the network. No special hardware or expertise is needed — just a laptop and a WiFi packet sniffing tool available for free on the Internet. A series of high-profile security breaches that exploited WiFi vulnerabilities in recent times reflect a serious lack of awareness among WiFi users as well as network administrators. The TJX debacle — largest security breach and identity theft conspiracy in U.S. history — is one example of what such ignorance can cost an enterprise. Other recent instances (e.g., terror email incidents in India, cyber extortion in UK) point to unsecured WiFi becoming a safe haven among cyber criminals for its convenience and the ability to remain anonymous. To gain a “hacker’s eye view” of enterprise WiFi networks and understand the common security gaps, AirTight Networks conducted WiFi security scans across business districts and airports worldwide. What we found was alarming! © 2009 AirTight Networks, Inc. All rights reserved. 2
AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise Official enterprise WiFi deployments are not properly configured -- The awareness about using WiFi securely is lagging far behind the rate at which it is being deployed. This is reflected in the high percentage of APs being Open (without encryption) or using the flawed Wired Equivalent Privacy (WEP) encryption. Stronger encryption standards such as the WiFi Protected Access (WPA/WPA2) exist. Yet majority of the discovered APs continue to be vulnerable. Here is the distribution of WiFi security settings on APs discovered in six US financial districts (New York, Chicago, Boston, Wilmington, DE, Philadelphia, San Francisco) and London, UK during a WiFi scan study in early 2009. Total APs discovered: 3632 Open and WEP APs serve as wireless backdoors for hackers to enter the enterprise network, access local resources on the LAN, sniff sensitive data traversing the LAN and misuse Internet access without getting detected by firewalls, wired IDS/IPS, and LAN monitoring solutions. Often administrators configure their APs with MAC filtering and disable broadcasting SSID (name of their WiFi network). These measures only give a false sense of security. It is very easy to spoof authorized MAC addresses and to discover SSID of a network by passively sniffing over the air data in the vicinity of the WiFi network. This information is sent in clear text and nothing can stop a hacker from finding it. Presence of home/SOHO grade WiFi APs in enterprise -- Not only are majority of the APs vulnerable, but we are seeing a growing trend of low cost home APs being used in enterprise environments. Out of the Open/WEP APs discovered in the financial districts, 61% were home/SOHO APs. In some cases, IT administrators settle for inexpensive home/SOHO APs to save on costs. These APs are often limited in capabilities (e.g., security, logging) and cannot be managed centrally — increasing the chances of lapse in security. However, more often these APs are “Rogues” connected to enterprise LANs. Rogue APs are unmanaged WiFi APs attached to the corporate network without Distribution of home and the knowledge of the administrator. They may be innocently deployed by enterprise grade Open/WEP unwitting employees looking for wireless access, or they could be maliciously APs placed. Most Rogue APs are unsecured. And it is not difficult to bypass physical security (if any is in place) given how small and inconspicuous (e.g., USB WiFi) many of these APs are. So regardless of whether your business uses or bans WiFi, it is risky to discount the presence of unknown or unmanaged WiFi devices on your enterprise network. © 2009 AirTight Networks, Inc. All rights reserved. 3
AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise Mobile workforce is a soft target -- The number of businesses employing a mobile workforce is growing. Mobile users empowered with WiFi laptops, smartphones, and PDAs can unknowingly expose enterprise security even when they are thousands of miles away from their workplace — waiting for their flight at the airport, sipping a cup of coffee at their favorite cafe, or accessing the Internet from confines of their hotel room. A WiFi security scan study of over 30 airports worldwide (US, Canada, Europe, and Asia-Pacific) exposed many inadvertent WiFi malpractices among mobile WiFi users. Many users continue to access the Internet over Open WiFi hotspots risking leakage of sensitive data over the air, including their identity. The WiFi manager software usually maintains a list of preferred networks or SSIDs — all WiFi networks that a handheld or laptop connected in the past. Unless the unused SSIDs are removed from the list, the WiFi device will continuously broadcast messages in the air searching for those WiFi networks. A hacker can easily set up a fake network with the SSID that a victim device is searching for, and automatically establish a connection. Once a connection is established, the hacker can use a variety of tools to scan the computer for known vulnerabilities and exploit them, possibly gaining access to the hard disk. A hacker can similarly exploit a user’s computer by tapping into a “Viral WiFi network.” Users commonly connect to untrusted WiFi networks, especially with enticing names (SSIDs) such as “Free Internet WiFi.” On connecting to these SSIDs, commonly called “Viral SSIDs,” the user does not access the Internet, but instead forms an ad-hoc network (direct computer to computer connection) with nearby WiFi computers. The viral SSID gets added to the user’s preferred network list and the user’s computer starts advertising itself as a WiFi network with that SSID inviting connections from other users. All this happens without the knowledge of the user. Group of seven computers found to be part of a Viral WiFi network during a five minute scan at a US airport. © 2009 AirTight Networks, Inc. All rights reserved. 4
AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise ABOUT Wireless Security Recommendations AIRTIGHT NETWORKS • Use strong encryption (WPA2) and authentication (802.1x based) for your AirTight Networks is the global enterprise WiFi network. leader in wireless security and compliance solutions providing • Conduct periodic WiFi scans to gain visibility into your airspace. Watch out customers best-of-breed for and get rid of Rogue APs on your network. Use WiFi scanning tools that technology to automatically allow you to automatically detect and physically locate Rogue APs. detect, classify, locate and block all current and emerging • Use a wireless intrusion prevention system (WIPS) if you need automated wireless threats. AirTight offers 24x7 WiFi scanning and complete proactive protection from all types of both the industry’s leading wireless misuse and hack attacks. wireless intrusion prevention system (WIPS) and the world’s • Educate your mobile workforce about endpoint security best practices first wireless vulnerability such as the use of VPN over Open WiFi hotspots. Consider use of an end- management (WVM) security- point WiFi security agent for enforcing corporate security policies at work, as-a-service (SaaS). AirTight’s award-winning solutions are home, and away. used by customers globally in the financial, government, retail, manufacturing, transportation, education, healthcare, telecom, Conclusions and technology industries. WiFi has become a mainstream technology offering great benefits and efficiencies AirTight owns the seminal patents but carrying with it unique security challenges. Unsecured WiFi provides an easy for wireless intrusion prevention technology with 11 U.S. patents target for hit-and-run style attacks allowing hackers to cause severe damage while and two international patents remaining invisible and undetected. Ignoring the specific requirements for securing granted (UK and Australia), and their enterprise network and users against WiFi vulnerabilities, businesses risk loss more than 25 additional patents of confidential data, legal fines and penalties, and brand erosion. By following WiFi pending. AirTight Networks is a privately held company based security best practices and using the right tools, enterprises can reap the benefits of in Mountain View, CA. For more WiFi while protecting their IT infrastructure from WiFi threats. information please visit : www.airtightnetworks.com Interesting links: http://www.airtightnetworks.com/airport-wifi-study http://www.airtightnetworks.com/finance-wifi-study http://www.airtightnetworks.com/secure-wifi-enterprise http://www.airtightnetworks.com/secure-wifi-home The Global Leader in Wireless Security Solutions AirTight Networks, Inc. 339 N. Bernardo Avenue #200, Mountain View, CA 94043 T +1.877.424.7844 T 650.961.1111 F 650.961.1169 www.airtightnetworks.com info@airtightnetworks.com © 2009 AirTight Networks, Inc. All rights reserved. AirTight Networks and the AirTight Networks logo are trademarks, and AirTight and SpectraGuard are registered trademarks of AirTight Networks, Inc. All other trademarks mentioned herein are properties of their respective owners. Specifications are subject to change without notice.

Recommandé

the history of the internet
the history of the internetthe history of the internet
the history of the internetMadison93
 
Excursie De Esch
Excursie De EschExcursie De Esch
Excursie De Eschguest7c5ddfd9
 
When WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS AttacksWhen WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS AttacksAirTight Networks
 
Air Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAir Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAirTight Networks
 
Water Ways Presentation
Water Ways PresentationWater Ways Presentation
Water Ways PresentationTipperary
 
802.11n The Good, The Bad, and The Ugly: Will You Be Ready?
802.11n The Good, The Bad, and The Ugly: Will You Be Ready?802.11n The Good, The Bad, and The Ugly: Will You Be Ready?
802.11n The Good, The Bad, and The Ugly: Will You Be Ready?AirTight Networks
 
Is 11ac Right for Your Network?
Is 11ac Right for Your Network?Is 11ac Right for Your Network?
Is 11ac Right for Your Network?AirTight Networks
 
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014AirTight Networks
 

Recommandé

the history of the internet
the history of the internetthe history of the internet
the history of the internetMadison93
 
Excursie De Esch
Excursie De EschExcursie De Esch
Excursie De Eschguest7c5ddfd9
 
When WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS AttacksWhen WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS AttacksAirTight Networks
 
Air Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAir Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAirTight Networks
 
Water Ways Presentation
Water Ways PresentationWater Ways Presentation
Water Ways PresentationTipperary
 
802.11n The Good, The Bad, and The Ugly: Will You Be Ready?
802.11n The Good, The Bad, and The Ugly: Will You Be Ready?802.11n The Good, The Bad, and The Ugly: Will You Be Ready?
802.11n The Good, The Bad, and The Ugly: Will You Be Ready?AirTight Networks
 
Is 11ac Right for Your Network?
Is 11ac Right for Your Network?Is 11ac Right for Your Network?
Is 11ac Right for Your Network?AirTight Networks
 
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014AirTight Networks
 
Wi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise ThyselfWi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise ThyselfAirTight Networks
 
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014AirTight Networks
 
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration AirTight Networks
 
AirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSPAirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSPAirTight Networks
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks
 
AirTight social wifi solution brief
AirTight social wifi solution briefAirTight social wifi solution brief
AirTight social wifi solution briefAirTight Networks
 
Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013AirTight Networks
 
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...AirTight Networks
 
Survey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecuritySurvey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecurityAirTight Networks
 
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Networks
 
Non WiFi interference combat guide 1
Non WiFi interference combat guide 1Non WiFi interference combat guide 1
Non WiFi interference combat guide 1AirTight Networks
 
WPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsWPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsAirTight Networks
 
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesWPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesAirTight Networks
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseAirTight Networks
 
802.11w Tutorial
802.11w Tutorial802.11w Tutorial
802.11w TutorialAirTight Networks
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
Skyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresSkyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresAirTight Networks
 
Retail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsRetail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsAirTight Networks
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseAirTight Networks
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Contenu connexe

Plus de AirTight Networks

Wi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise ThyselfWi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise ThyselfAirTight Networks
 
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014AirTight Networks
 
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration AirTight Networks
 
AirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSPAirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSPAirTight Networks
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks
 
AirTight social wifi solution brief
AirTight social wifi solution briefAirTight social wifi solution brief
AirTight social wifi solution briefAirTight Networks
 
Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013AirTight Networks
 
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...AirTight Networks
 
Survey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecuritySurvey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecurityAirTight Networks
 
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Networks
 
Non WiFi interference combat guide 1
Non WiFi interference combat guide 1Non WiFi interference combat guide 1
Non WiFi interference combat guide 1AirTight Networks
 
WPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsWPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsAirTight Networks
 
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesWPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesAirTight Networks
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseAirTight Networks
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
Skyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresSkyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresAirTight Networks
 
Retail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsRetail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsAirTight Networks
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseAirTight Networks
 

Plus de AirTight Networks (20)

Wi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise ThyselfWi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise Thyself
 
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
 
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
 
AirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSPAirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSP
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6
 
AirTight social wifi solution brief
AirTight social wifi solution briefAirTight social wifi solution brief
AirTight social wifi solution brief
 
Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013
 
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
 
Survey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecuritySurvey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise Security
 
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
 
Non WiFi interference combat guide 1
Non WiFi interference combat guide 1Non WiFi interference combat guide 1
Non WiFi interference combat guide 1
 
WPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsWPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQs
 
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesWPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the Enterprise
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the Enterprise
 
802.11w Tutorial
802.11w Tutorial802.11w Tutorial
802.11w Tutorial
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
Skyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresSkyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And Countermeasures
 
Retail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsRetail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—Recommendations
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your Enterprise
 

Dernier

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Dernier (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Wireless (In)Security Trends In The Enterprise

  • 1. AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise A Whitepaper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Suite 200, Mountain View, CA 94043 www.airtightnetworks.com © 2009 AirTight Networks, Inc. All rights reserved.
  • 2. AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise WiFi is proliferating fast. The convenience of wireless access, low cost, and plug-and-play nature of the technology have been the major drivers for WiFi’s popularity among home Internet users. Lately we are also seeing an increasing adoption of WiFi in the enterprise. More and more businesses are rolling out wireless LANs to cut costs and increase productivity. Today all laptops, PDAs, and smartphones have WiFi built in. WiFi hotspots, spanning coffee shops, hotels, airports, or even cities, are mushrooming to meet the growing demand of WiFi Internet access. Ironically, the unlicensed frequency spectrum, low cost, and ease of use — the major contributors to WiFi’s success — are also promoting its reckless use. Like any new technology, WiFi brings with it a unique set of security challenges. The prevailing “harden-my-network-perimeter” model of enterprise network security is rooted in the common belief that “being inside (on an enterprise LAN) is safe and outside (the Internet) is unsafe.” This model completely breaks down in presence of wireless. The data and the network are now in the air; the invisible radio waves cannot be confined to a building or behind a firewall, blurring the enterprise network perimeter. A hacker does not need to physically enter a building to bypass the firewall and access an enterprise network. Sitting in the vicinity (e.g., in the parking lot or a coffee shop across the street), the hacker can simply scan the air to discover WiFi vulnerabilities in the network. No special hardware or expertise is needed — just a laptop and a WiFi packet sniffing tool available for free on the Internet. A series of high-profile security breaches that exploited WiFi vulnerabilities in recent times reflect a serious lack of awareness among WiFi users as well as network administrators. The TJX debacle — largest security breach and identity theft conspiracy in U.S. history — is one example of what such ignorance can cost an enterprise. Other recent instances (e.g., terror email incidents in India, cyber extortion in UK) point to unsecured WiFi becoming a safe haven among cyber criminals for its convenience and the ability to remain anonymous. To gain a “hacker’s eye view” of enterprise WiFi networks and understand the common security gaps, AirTight Networks conducted WiFi security scans across business districts and airports worldwide. What we found was alarming! © 2009 AirTight Networks, Inc. All rights reserved. 2
  • 3. AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise Official enterprise WiFi deployments are not properly configured -- The awareness about using WiFi securely is lagging far behind the rate at which it is being deployed. This is reflected in the high percentage of APs being Open (without encryption) or using the flawed Wired Equivalent Privacy (WEP) encryption. Stronger encryption standards such as the WiFi Protected Access (WPA/WPA2) exist. Yet majority of the discovered APs continue to be vulnerable. Here is the distribution of WiFi security settings on APs discovered in six US financial districts (New York, Chicago, Boston, Wilmington, DE, Philadelphia, San Francisco) and London, UK during a WiFi scan study in early 2009. Total APs discovered: 3632 Open and WEP APs serve as wireless backdoors for hackers to enter the enterprise network, access local resources on the LAN, sniff sensitive data traversing the LAN and misuse Internet access without getting detected by firewalls, wired IDS/IPS, and LAN monitoring solutions. Often administrators configure their APs with MAC filtering and disable broadcasting SSID (name of their WiFi network). These measures only give a false sense of security. It is very easy to spoof authorized MAC addresses and to discover SSID of a network by passively sniffing over the air data in the vicinity of the WiFi network. This information is sent in clear text and nothing can stop a hacker from finding it. Presence of home/SOHO grade WiFi APs in enterprise -- Not only are majority of the APs vulnerable, but we are seeing a growing trend of low cost home APs being used in enterprise environments. Out of the Open/WEP APs discovered in the financial districts, 61% were home/SOHO APs. In some cases, IT administrators settle for inexpensive home/SOHO APs to save on costs. These APs are often limited in capabilities (e.g., security, logging) and cannot be managed centrally — increasing the chances of lapse in security. However, more often these APs are “Rogues” connected to enterprise LANs. Rogue APs are unmanaged WiFi APs attached to the corporate network without Distribution of home and the knowledge of the administrator. They may be innocently deployed by enterprise grade Open/WEP unwitting employees looking for wireless access, or they could be maliciously APs placed. Most Rogue APs are unsecured. And it is not difficult to bypass physical security (if any is in place) given how small and inconspicuous (e.g., USB WiFi) many of these APs are. So regardless of whether your business uses or bans WiFi, it is risky to discount the presence of unknown or unmanaged WiFi devices on your enterprise network. © 2009 AirTight Networks, Inc. All rights reserved. 3
  • 4. AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise Mobile workforce is a soft target -- The number of businesses employing a mobile workforce is growing. Mobile users empowered with WiFi laptops, smartphones, and PDAs can unknowingly expose enterprise security even when they are thousands of miles away from their workplace — waiting for their flight at the airport, sipping a cup of coffee at their favorite cafe, or accessing the Internet from confines of their hotel room. A WiFi security scan study of over 30 airports worldwide (US, Canada, Europe, and Asia-Pacific) exposed many inadvertent WiFi malpractices among mobile WiFi users. Many users continue to access the Internet over Open WiFi hotspots risking leakage of sensitive data over the air, including their identity. The WiFi manager software usually maintains a list of preferred networks or SSIDs — all WiFi networks that a handheld or laptop connected in the past. Unless the unused SSIDs are removed from the list, the WiFi device will continuously broadcast messages in the air searching for those WiFi networks. A hacker can easily set up a fake network with the SSID that a victim device is searching for, and automatically establish a connection. Once a connection is established, the hacker can use a variety of tools to scan the computer for known vulnerabilities and exploit them, possibly gaining access to the hard disk. A hacker can similarly exploit a user’s computer by tapping into a “Viral WiFi network.” Users commonly connect to untrusted WiFi networks, especially with enticing names (SSIDs) such as “Free Internet WiFi.” On connecting to these SSIDs, commonly called “Viral SSIDs,” the user does not access the Internet, but instead forms an ad-hoc network (direct computer to computer connection) with nearby WiFi computers. The viral SSID gets added to the user’s preferred network list and the user’s computer starts advertising itself as a WiFi network with that SSID inviting connections from other users. All this happens without the knowledge of the user. Group of seven computers found to be part of a Viral WiFi network during a five minute scan at a US airport. © 2009 AirTight Networks, Inc. All rights reserved. 4
  • 5. AIRTIGHT NETWORKS WHITEPAPER Wireless (In)Security Trends in the Enterprise ABOUT Wireless Security Recommendations AIRTIGHT NETWORKS • Use strong encryption (WPA2) and authentication (802.1x based) for your AirTight Networks is the global enterprise WiFi network. leader in wireless security and compliance solutions providing • Conduct periodic WiFi scans to gain visibility into your airspace. Watch out customers best-of-breed for and get rid of Rogue APs on your network. Use WiFi scanning tools that technology to automatically allow you to automatically detect and physically locate Rogue APs. detect, classify, locate and block all current and emerging • Use a wireless intrusion prevention system (WIPS) if you need automated wireless threats. AirTight offers 24x7 WiFi scanning and complete proactive protection from all types of both the industry’s leading wireless misuse and hack attacks. wireless intrusion prevention system (WIPS) and the world’s • Educate your mobile workforce about endpoint security best practices first wireless vulnerability such as the use of VPN over Open WiFi hotspots. Consider use of an end- management (WVM) security- point WiFi security agent for enforcing corporate security policies at work, as-a-service (SaaS). AirTight’s award-winning solutions are home, and away. used by customers globally in the financial, government, retail, manufacturing, transportation, education, healthcare, telecom, Conclusions and technology industries. WiFi has become a mainstream technology offering great benefits and efficiencies AirTight owns the seminal patents but carrying with it unique security challenges. Unsecured WiFi provides an easy for wireless intrusion prevention technology with 11 U.S. patents target for hit-and-run style attacks allowing hackers to cause severe damage while and two international patents remaining invisible and undetected. Ignoring the specific requirements for securing granted (UK and Australia), and their enterprise network and users against WiFi vulnerabilities, businesses risk loss more than 25 additional patents of confidential data, legal fines and penalties, and brand erosion. By following WiFi pending. AirTight Networks is a privately held company based security best practices and using the right tools, enterprises can reap the benefits of in Mountain View, CA. For more WiFi while protecting their IT infrastructure from WiFi threats. information please visit : www.airtightnetworks.com Interesting links: http://www.airtightnetworks.com/airport-wifi-study http://www.airtightnetworks.com/finance-wifi-study http://www.airtightnetworks.com/secure-wifi-enterprise http://www.airtightnetworks.com/secure-wifi-home The Global Leader in Wireless Security Solutions AirTight Networks, Inc. 339 N. Bernardo Avenue #200, Mountain View, CA 94043 T +1.877.424.7844 T 650.961.1111 F 650.961.1169 www.airtightnetworks.com info@airtightnetworks.com © 2009 AirTight Networks, Inc. All rights reserved. AirTight Networks and the AirTight Networks logo are trademarks, and AirTight and SpectraGuard are registered trademarks of AirTight Networks, Inc. All other trademarks mentioned herein are properties of their respective owners. Specifications are subject to change without notice.