cfo.com

Print this article | Return to Article | Return to CFO.com

Ripe for the Picking?

One way or another, wireless technology has already taken root at most companies, but uncontrolled growth could hurt the bottom line. And did we mention the security risks?
John McPartlin, CFO IT
September 15, 2004

If you're wondering whether it's time for your company to join the wireless revolution, we have some news for you: it already has, for better and worse. During the past few years, thousands of cell phones, BlackBerry devices, pagers, wireless PDAs, and wireless-enabled laptops have almost certainly made their way into your company — sometimes authorized, but more often not.

Rogue Wi-Fi (wireless fidelity, which can transmit data at relatively high speeds across short distances) access points have been set up on networks without any encryption in place, and right now one of your employees may be sitting in an airport Starbucks checking his E-mail and even downloading company sales figures or other sensitive data. The question is not whether you're ready for wireless: it's whether you can still tame the tiger before it eats you alive.

Luckily, there's still time to regain control. New technologies now make wireless devices just as secure as those on traditional networks — as long as you remember to activate them — and stronger security standards are being introduced each day. That same spirit of innovation is also affecting the cost of wireless, as expenses become easier to rein in. And more-robust management tools can now merge wireless networks into your overall IT architecture more seamlessly than ever.

With a number of interesting wireless applications on the horizon, now is the time to lay a proper foundation so that the convenience and productivity enhancements your employees have already embraced don't hamper your efforts to maximize this fast-evolving technology.

Wireless networks, be they public (as with the Wi-Fi access points available at airports, Starbucks, and many other places) or private (wireless local-area networks, or WLANs, which are gaining ground within the walls of Corporate America as a fast, convenient way to keep everyone connected), are often painted as prime ground for hackers. Security experts claim that anyone with a good understanding of wireless IP networks, a wireless-enabled laptop, and the right software (readily available on the Internet) can pluck precious data from the ether.

Various efforts to better encrypt the contents of wireless transmissions are under way. The IEEE Standards Association, a technology standards-setting body, recently approved a new wireless security protocol, the catchily named 802.11i. The protocol should offer more-robust protection than the existing Wired Equivalent Privacy (WEP) standard commonly in use on most wireless networks.

Meanwhile, the Portland, Oregon-based Trusted Computing Group, a standards body that includes Intel, Hewlett-Packard, and VeriSign, is working on what it calls the Trusted Network Connect standard, which will allow wireless devices and wireless-enabled PCs to be properly authorized and certified as secure before they are allowed to connect to a particular network. That standard is expected to be announced some time before the end of the year and implemented in products beginning next year.

But experts say that the current WEP encryption standard can be effective if it's used properly. Problems crop up when the encryption, which may be turned off on commercial applications, isn't activated or is not updated on a regular basis. "The biggest breaches are people violating policy," versus the limits of the technology itself, according to Al Delattre, a managing partner in Accenture's electronics and high-tech practice.

Executives at companies with extensive wireless implementations agree. Proper encryption and explicit security policies are the key to security at New York-based online grocer FreshDirect. "All of our data is encrypted as it is transferred to and from our data centers," says CTO Myles Trachtenberg. "Even though we rely on the public Internet for transporting customer data, because of the steps we take at either end of the transmission, the data is completely unintelligible as it travels over the Net via our [virtual private network]."

Internally, the company uses handheld devices equipped with Wi-Fi to scan inventory and interact with its inventory control system. It is also looking into rolling out wireless applications in the field to help with delivery confirmations and fleet monitoring. Wireless may even provide the very backbone of the organization: for the past six months, FreshDirect has been using a high-speed wireless network from Middletown, Rhode Island-based TowerStream as a backup to its existing fiber-optic Internet link, which is essentially its connection to the outside world. Trachtenberg says the wireless version is reliable enough to take the place of his wired network at any time.

Paul Cravedi, president and CEO of the Newton Executive Office Center in Newton, Massachusetts, is also a TowerStream customer. "We had concerns about the technology, including security," he says. "But the installation was fast, it's very cost-effective, and so far, everything has panned out as we hoped."

But some experts caution that current standards don't go far enough. WEP implementations, for example, use static keys (encryption formulas) that are the same for every device that hooks into a given network. If a hacker gets hold of that key, he will gain easy access to everything on the network until the next time the keys are changed, a cumbersome and largely manual process that no doubt leads to a certain laziness. Another security challenge involves access: many companies want to let workers log on to the network temporarily — for a day or a week while in the office — or allow only those workers on a certain floor or within a certain department to be able to "see" and sign on to a particular network. Configuring the network and each wireless device for temporary access can be extremely unwieldy and time-consuming, and is prime ground for security lapses.


In response to concerns raised by customers, some large enterprise software and hardware companies, including Computer Associates and Cisco Systems, have developed new products to manage WLANs. CA, for example, is now testing its Wireless Site Manager package at several customer sites, including United Health Services and the University of Arkansas.

With WSM, managers can place software agents on wireless devices that act as both asset-management tools and connection managers; that is, they can seek out local wireless networks automatically and authenticate the user, granting access to only what is appropriate, while also handling encryption management. These agents provide security in another way as well, acting as "sniffers" on the network and alerting managers to the presence of rogue devices and unprotected network access points. Managers can use the agents to restrict network access to a certain period of time or a certain geographic location. Because WSM can be integrated with CA's Unicenter enterprise network management tools, sophisticated report generation and network load balancing — staples of wired networks — can be extended to wireless networks as well.

Sumit Deshpande, vice president of development in CA's office of the CTO, says wireless adoption in the enterprise has progressed slowly in part because "an IT [staff] with wireless expertise is needed to install and maintain the network," which often functions as a separate island.

Analysts say the advent of these tools should help ease the integration of wireless networking into larger enterprises and address a host of security and management concerns. But "better" does not equal "flawless." "A professional car thief can steal any car he wants," says Accenture's Delattre. "Most people just want to make it harder for the amateur."

Despite recent improvements, wireless networks are not as secure as their wired counterparts — in part because users have not demanded it and also because the standards are still evolving — and companies with extremely sensitive data will likely stick to their current wired setups and use wireless selectively.

Controlling Costs
Another major concern for CFOs and CIOs is the cost of wireless. After several years of extensive investment in enterprise applications and fiber networks, many companies say they just don't have the budget for widescale wireless network implementations. That may be true, analysts say, but with so many wireless devices, cell phones, Wi-Fi routers and gateways, and possibly illicit laptop wireless access cards already spread throughout your company, the genie may be out of the bottle. It may be less a case of finding money to invest and more a matter of reining in costs you didn't know you had.

"The basic process begins with understanding where the money is going," says Ken Dulaney, vice president of mobile computing at Gartner. "Communication costs are one of the most uncontrolled areas for most enterprises. Vendors have made it so complicated that people ignore it."

Peter DeNatale, CIO at the Mentor Network, a human-services organization in Boston, tried to get a feel for his company's wireless expenditures last year. "I had one of my staff dig the numbers out of accounts payable, and it took her a month just to get the figures for a single month," he says. Per employee, cost overruns (paying for too many or too few minutes, or racking up roaming charges) were rarely significant, but in the aggregate, they represented a sizable chunk of Mentor Network's seven-figure wireless bills. However, DeNatale says he does not have the time or staff to hunt for that buried treasure on a regular basis.

Dulaney suggests that cutting such wireless costs begins with getting a clear picture of what your costs actually are. "The first thing I would do is restructure the line items on my expense reports to capture these connectivity issues." Most expense reports and budgets, he says, lump all communication expenses together, whether the fees are for telephone calls or wireless Internet connectivity or BlackBerry E-mail service. "Is the $10-a-night line item just for phone calls home, or does it include wireless broadband service from a hotel room? You have to know these things if you expect to negotiate better deals with carriers," says Dulaney.

Armed with more explicit data about your communication costs, you can begin to aggressively negotiate with your suppliers. Ideally, you want to consolidate — for example, getting one fixed price for wireless hot-spot usage across the country, whether in hotel rooms, conference rooms, or airport lounges. It's also important to understand usage to ensure that you don't pay through the nose for excess bandwidth and minutes. "Many enterprises pay for unlimited service on BlackBerries, but few users send and receive more than 2 megabytes of data a month," he says. "At $50 a month, that's $25 a megabyte, when it could be as little as $1 a megabyte. You are spending way more than you should."

A substantial number of third-party companies are ready to sort through all this on your behalf. Frustrated by the process, Mentor Network's DeNatale turned to Austin, Texas-based Traq-wireless, which came in and organized all of his firm's wireless cost data in an easy-to-read and easy-to-access format. In the past few years, the company has done the same for the likes of Burlington Northern and Santa Fe Railway, Cadbury Schweppes, and Nova Chemicals. After compiling the data, Traq-wireless can even act as your agent to negotiate better deals with carriers.


Whether you decide to go outside for help or handle things yourself, the worst (and most expensive) thing you can do, according to Gartner's Dulaney, is to treat everyone's wireless communication needs the same. In fact, he says it can be downright "destructive." While it may be tempting to standardize — installing wireless capabilities on every laptop computer and giving every employee a monthly account, for example — Dulaney says that "you have to understand people's travel patterns. If they travel once a quarter, you can find less-expensive solutions than that."

He suggests that companies approach wireless communication costs as they do employee health-care offerings. "We propose managed diversity: have options for people and then manage the costs in a different way," he says. "Give people a budget of certain amounts they can spend per month and give them elective choices. They can do what they like if they just don't go over the preset amount. You will get better optimization, a cap on spending, and happier employees."

Don't forget to take the shop-around approach to other aspects of wireless, such as the aforementioned fiber-optic backup solution. Costs are competitive, and often wireless can go where land lines can't, such as in remote locations or through dense urban areas.

There's Something in the Air
Analysts say every company should be thinking about how wireless technology will fit into its future, even if it involves small test programs throughout the enterprise to see what works and what doesn't. The biggest mistake would be to do nothing about wireless. The second-biggest mistake, they say, would be to simply take existing applications and try to port them over to wireless devices without thinking about how those devices are designed and used.

"Most business applications such as ERP and CRM were architected to run on significant computer infrastructure and not designed with mobility or a two-inch screen in mind," says Accenture's Delattre. "It's not a matter of just taking these applications and getting them to work in a mobile environment. You have to transform the way you do work. So many companies have installed Wi-Fi networks, and all they've saved is the cost of the cable."

Delattre points to SBC Communications's recent Technician of the Future initiative as a great example of a company changing the way it does business using wireless technology. SBC outfitted its 20,000 field technicians with wireless-enabled laptops that allow them to download their schedules remotely, access customer histories, use online resources to help diagnose problems, and even try to up-sell customers on high-speed DSL and other services. This was a practical application that led to significantly greater customer and employee satisfaction, he says, and not simply a wireless way to do a formerly wired job.

Companies such as FreshDirect, FedEx, and SBC will reap the most from wireless because they make application-specific decisions about wireless in areas where it helps the most: salespeople needing data in the field, repair workers needing quick on-site reference materials, warehouse workers doing inventory-control tagging, and delivery drivers needing directions and new assignments. New applications will likely come out of the blue: who could have predicted that people would spend millions of dollars on gimmicky cell-phone ring tones? The ideas for these applications are most likely to come from younger employees who have grown up with the Internet, cell phones, and instant messaging, and think nothing of checking box scores on their wireless PDAs while talking on their mobile phones and scrambling for good seats on the train. When one of those good ideas presents itself, do you want to turn it down for fear of security, cost, and management issues, or will you be ready to pounce?

John McPartlin is a New York-based writer and former editor of Netguide magazine.


Putting Wireless in Motion
Quick advice for executives confronting the world of wireless.

Pilot early and often, and reapply what you learn through successive iterations. This is how the value opportunities will become clear.

Measure the contributions that employees make to operations while mobile. The value they create should match or exceed what they produce when "traditionally tethered."

Calculate a mobility index: what employees can do anywhere divided by what they can only do at the office or plant. The closer the index comes to 1, the better your efforts to foster mobility are faring.

Source: Accenture






CFO Publishing Corporation 2009. All rights reserved.