The deployment of Wi-Fi devices and Wi-Fi networks is continuing to expand at a rapid pace. The number of people that have 802.11 or Wi-Fi enabled computing devices has become significant (5 million in 2004) and is growing rapidly to an estimated 60 million by 2007. Forecasts indicate that 90% of all laptops and 85% of all mobile phones or PDA’s will be Wi-Fi enabled by 2009.

The legal office in many cases now has a steady stream of opposing council, clients, and other visitors arriving on site requesting Internet access. Internet access for guests has been recognized as a need within the legal office for many reasons such as productivity of business meetings, enabling auditors access to the tools on their home LAN they need to get their job done, and as a means to attract clients.

Many legal offices are now in the process of rolling out Wi- Fi networks for their employees and have implemented or are about to implement the required security policies to ensure that the corporate LAN is protected. In conjunction with these projects arises the question: How to provide the firm’s visitors with complimentary yet controlled Wi-Fi Internet access without the need for costly local support and administration? In the case of guest access to the Internet, many of the underlying assumptions for a security policy are different from those for employee access to the corporate LAN: guest access will be short term, it will need to be permitted without prior knowledge that the guest will be on site and without any advance information on the guest’s identity. Due to the temporary and short term nature of the relationship between the guest and the firm, the security policy must permit access that is ad hoc, instantly available, and be of much lower cost as well as effort on behalf of the end user and IT personnel than the security model used to secure Wi-Fi access to the corporate LAN for employees.

The guest access solutions that are generally available in the market place today for the most part do not provide the required trusted environment for guest access. If they do manage to provide a secure solution then they are either too costly and too complex. Alternatively, they allow access to the internet that is secure but with severely limited functionality. Typical in house solutions currently available include the following:

Provide an open Wi-Fi connection: This solution results in completely open access for any visitor and provides no tracking of usage or abuse and completely exposes the enterprise to embarrassment if not a liability.

Provide temporary ID’s: This solution places an administrative burden on the IT department, and often an IT resource has to be summoned in order to configure a visitor’s laptop and even worse load WEP keys. Even if special visitor ID’s are used, unless the visitor provides detailed identity he or she can remain anonymous.

Provide Guest PC’s: This solution requires a substantial investment and only allows visitors to access the Internet and web based mail. Client based VPN access is therefore not possible.

Dial up Access: As the only PSTN line is usually the fax line, this solution normally results in an unplugged fax machine. In addition, dial access speed is slow, and one phone line is needed per visitor.

The challenge becomes one of authentication. How do you guarantee the identity of an individual when they log onto your network? Using email addresses is commonplace but these provide no tangible proof of a person’s identity. Since we’re talking about mobile individuals, we need to look at authentication methods that leverage technology that they already use. The natural choice is the cell phone. The cellphone identity is secure and traceable via records with their wireless provider. With SMS technology, an application that leverages the authentication provided by the cell phone, companies that want to grant courtesy access can deliver a password to this device and know that each person on their network can be traced if needed. No additional equipment configurations or system downloads are required, thereby minimizing any impacts of internal administrative or IT resources.

Trusted outsourced solutions that make guest access safe at the right cost must supply an ID for the visitor that is instantly available through a self-serve model. Once the visitor uses his or her mobile phone number plus the SMS delivered password, they can securely be granted complimentary Internet access. Networked data centers record each guest’s access and location for an appropriate period, so that in the event of network abuse logged–in users can be traced, identified and if necessary excluded or disconnected. By using an outsourced networked solution provider, the visitor’s identity is valid at any office location that has subscribed to the same guest access solution. This results in a new level of consistent and simple Wi-Fi access that will enhance the usefulness and market acceptance of this low cost wireless technology.

The key to keeping guest Internet access costs acceptable is to introduce a guest access security model that complements securing employee access to the corporate LAN. Guest access at the right cost means that the IEEE 802.11i standard being adopted for employees cannot be used for guests because it requires a pre-defined identity in the corporate authentication server, specialized software and custom configuration on each device before the end user can access the Wi-Fi network; the cost for guests is simply prohibitive.

The world is now becoming increasingly unwired and to be successful individuals and legal offices need to introduce wireless technology or run the risk of becoming uncompetitive. Gone are the days when the acceptable outcome of a meeting is a list of actions that revolve solely on verifying data before a decision can be made. In today’s world, critical data must be accessible during the meeting allowing plans to be in motion even before the meeting concludes.

Please Visit Sesame Networks for more information