Norm Jacknis, CIO of Westchester County is out there somewhere on the
list - perhaps he can comment..
------
http://news.com.com/Unsecured+Wi-Fi+would+be+outlawed+by+N.Y.+county/
2100-7351_3-5934194.html?tag=nefd.pop
Unsecured Wi-Fi would be outlawed by N.Y. county
By Declan McCullagh
http://news.com.com/Unsecured+Wi-Fi+would+be+outlawed+by+N.Y.+county/
2100-7351_3-5934194.html
According to a new proposal being considered by a suburb of New York
City, any business or home office with an open wireless connection
but no separate server to fend off Internet attacks would be
violating the law.
Politicians in Westchester County are urging adoption of the law--
which appears to be the first such legislation in the U.S.--because
without it, "somebody parked in the street or sitting in a
neighboring building could hack into the network and steal your most
confidential data," County Executive Andy Spano said in a statement.
The draft proposal offered this week would compel all "commercial
businesses" with an open wireless access point to have a "network
gateway server" outfitted with a software or hardware firewall. Such
a firewall, used to block intrusions from outside the local network,
would be required even for a coffee shop that used an old-fashioned
cash register instead of an Internet-linked credit card system that
could be vulnerable to intrusions.
Scott Fernqvist, special assistant to the county's chief information
officer, said Friday that he thought "the law would apply" to home
offices as well.
"It was just introduced; it's a draft," Fernqvist said. "We're hoping
it's enacted early next year, but this can change."
The proposed law has two prongs: First, "public Internet access" may
not be provided without a network gateway server equipped with a
firewall. Second, any business or home office that stores personal
information also must install such a firewall-outfitted server even
if its wireless connection is encrypted and not open to the public.
All such businesses would be required to register with the county
within 90 days.
The proposal echoes a slew of bills in Congress and in state
legislatures that are being considered in the wake of recent security
problems involving Bank of America, payroll provider PayMaxx and Reed
Elsevier Group's LexisNexis service. But the other proposals tend to
follow approaches such as requiring notification of breaches or
restricting use of Social Security Numbers--as opposed to regulating
wireless links.
According to the Westchester proposal, public Internet access sites
also would have to post a sign saying: "You are accessing a network
which has been secured with firewall protection. Since such
protection does not guarantee the security of your personal
information, use discretion." Violations of any part of the law would
be punishable with fines of $250 or $500.
Representatives from the county's information technology department
drove around downtown White Plains, N.Y., with laptop computers and
detected 248 open wireless connections in less than half an hour, the
county reported. Half lacked "visible security" features.
Copyright ©1995-2005 CNET Networks, Inc. All rights reserved.
---
You are currently subscribed to telecom-cities as: [EMAIL PROTECTED] To
unsubscribe send a blank email to [EMAIL PROTECTED]
Manage your mail settings at
http://forums.nyu.edu/cgi-bin/nyu.pl?enter=telecom-cities
RSS feed of list traffic:
http://www.mail-archive.com/telecom-cities@forums.nyu.edu/maillist.xml