TECHNOLOGY // WIRELESS // DETAILS

Security Considerations

There is a level of comfort with wired networks that makes them seem secure because they are contained within the building and you must have access to the wire to be able to get on the network. The reality is that wireless networks can be just as secure as wired networks in the hospitality environment.

In a transient environment such as a hotel, security must be weighed against other factors such as ease of connectivity, compatibility and the lack of on-site technical resources. Security, while very important, must not impede guests from accessing the high-speed Internet service.

WEP (wired equivalent privacy) and WPA (Wi-Fi Protected Access) are two common features used to secure wireless networks. WEP is no longer considered a viable security measure for data over wireless networks. The encryption keys used by WEP are short and they are static. Numerous programs are easily available to crack WEP keys and provide someone with authorized access to the wireless network. WPA is a newer standard that has emerged to fix the shortcomings of WEP. WPA uses much longer keys and those keys change periodically and this change happens automatically.

While these types of security measures are widely used in corporate environments, they do not work well in hotels. They are difficult for the average business traveler to configure and would require them to change sensitive settings on their computer. Hotels are not equipped with the technical expertise to assist. And most importantly, the goal of securing a wireless network for guests is not to deny anyone from getting on the network. The goal is to keep each guest’s data and traffic private from other guests.

Intra-BSS (Basic Service Set) traffic blocking is a feature that solves this problem. This is like providing a security zone from the guest to the access point. When Intra-BSS is enabled, the access point filters data to ensure wireless users are protected from malicious protocol attacks. It also protects the wireless guest’s shared files and shared directories from being accessed by others on the network. It is similar to a VLAN on a wired network.

Still there is no replacement for VPN software. If a guest is utilizing VPN software to connect to their corporate network then their data is securely encrypted from their computer all the way to their corporate network. VPN software is typically already configured on a guest’s laptop when they arrive at the hotel and requires no reconfiguration to make it work. This is the most secure connection that can be reasonably obtained on a public access network today.

Benefits & Considerations
There are many benefits to deploying a wireless network in a hotel. First is the cost of the investment. Wireless networks are less expensive compared to traditional wired networks. Installation is usually quicker and less intrusive as none of the work is actually performed inside a guestroom. Also, the guest experience is superior to wired networks. The guest is not tethered by a cable to the wall, and is not limited to working only at the desk in the room. The guest can utilize the service anywhere in the room as well as in public areas of the hotel.

While there are many benefits, you do need to consider these factors.

In order for a guest to access a wireless network, they must have a wireless client device. The hotel must then provide necessary equipment (either for sale, rent or borrow) for those guests who are not properly equipped. Also, each wireless network has a unique ID (called SSID) that each computer connected must be configured to access. This is as simple as entering the SSID name in the appropriate configuration location on the computer.