Hardware

Growth of cable modem connectivity spawns security issues

As more and more remote users connect to corporate hubs via cable modems, CIOs need to examine the unique set of security and IT support issues that remote connectivity brings to the table.


It's no mystery why cable modems are saturating the corporate communications environment. They’re fast, readily available, increasingly reliable, and relatively easy to install.

Yet the security of the shared infrastructure on which cable modems operate has long been a key point of debate between modem advocates and skeptics. In general, tech leaders don’t relish the idea that vital corporate information is, at least theoretically, available to the hacker next door.

The devices represent a big change for enterprises, however, and there are several issues CIOs must be aware of. Cable modems have long raised security concerns related to how addresses are distributed within the networks’ shared infrastructure. In addition, the sudden spike in the volume and type of applications demanded by off-site workers can and will stress enterprise resources.

Security issues
CIOs are well advised to assume that modems are inherently insecure. In addition to physically sharing infrastructure with other modems, the devices’ IP addresses usually are administered by dynamic host configuration protocol (DHCP) servers at the head end. Each time a user logs on, the modem asks for and receives an IP address. This scenario isn’t ideal for corporate users working within a world of sophisticated hackers trying to take advantage of even a second’s lapse.

“DHCP gets the IP address from the main server,” explained Codi Traver, the president of CIO Global, a CIO placement firm. “And that opens the door for anyone to see you.”

Clearly, this means that extra security precautions are necessary. Traver believes that a combination of IP VPNs, software firewalls, and/or next-generation connectivity products from companies such as Neoteris Inc. or Flatrock are vital to protecting remote desktops.

Andrew Deskur, director of systems and network administration for VC firm Atlas Venture said he chooses cable modems over DSL even where both are available due to security needs. In addition to good service from his cable provider, AT&T Broadband, Deskur said the less-expensive DSL version he likes doesn’t support the point-to-point protocol over Ethernet (PPPoE) used by his Check Point Software Technologies Ltd. firewall/VPN device.

Another downside of DHCP is that it reduces the ability to configure remotely. If multiple PCs are behind a modem connected to a corporate server—a relatively common satellite office scenario—the server might not be able to remotely configure individual PCs, Traver explained.

New technologies tax resources
The general growth of broadband remote connectivity means that CIOs must prepare for new usage patterns, said Bruce Leichtman, the principal of Leichtman Research Group, a Durham, NH, consultancy.

The idea is that the entire infrastructure may be taxed, and usage patterns changed, as the number of remote workers increases and the types of applications in use require more bandwidth. For instance, if telecommuters suddenly begin streaming training and informational videos from the corporate server, CIOs have to be prepared to offer higher quality of service (QoS) levels, in addition to simply increasing the bandwidth.

“If all of a sudden we have a much larger number of people using bandwidth, or [if] connectivity grows, it needs to be factored in,” agreed Deskur, who suggests that companies keep close tabs on applications used to ensure infrastructure stability.

Within this scenario are a number of commonsense issues that tech leaders must also consider. For instance, many teleworkers’ machines are on home networks. This means that all the computers in the home must be secure, not just those used in connection with work. This poses a problem for the IT unit, as well as for the corporate user policies in place, as it tends to blur the lines between personal and business PC use. It could literally mean that more home-office IT visits will be necessary and have to be factored into the staffing and budget mix.

For this reason, experts recommend putting procedures in place to ensure that remote users' PC time is work-related, said Deskur: “You have to go in with predefined limits as to what you will and will not support so that the IT staff isn’t in the position of helping to set up the son to print off the employee’s wife’s computer.”

Cable connectivity expected to grow
Tech leaders should also be aware that remote connectivity issues aren’t going to go away any time soon, as the cable industry is focused on building up the small- and midsize business (SMB) market. The attraction is particularly high for several reasons: Revenue growth in cable companies’ core entertainment markets are slowing, and debt from the decade-long mergers and acquisitions binge is high. Consequently, cable operators such as Comcast, Charter Communications Inc., and Cox Communications Inc. have established corporate entities aimed exclusively at SMBs.

The cable industry’s advancements are something that CIOs at both small and large companies should be watching. A raft of technology vendors—Narad Networks Inc., Advent Networks Inc, Aurora Networks Inc., Wave7 Optics Inc., Jedai Broadband Networks Inc., Extend Networks, and others—are offering various approaches to optimizing the cable industry’s business market goals. Narad, for instance, announced a deal with IBM in June to enable cable operators to offer telecom services to SMBs at rates as high as 100 Mbps.

The key is accepting that the flow of information between home offices and corporate hub centers is only going to grow.

“You can’t be scared of the traffic,” Leichtman said. “I hear so often that CIOs are scared of the traffic. Don’t be scared.”

The advent of cable standards
Stay tuned for our next article on cable technologies to find out why CIOs need to pay attention to a trio of modem and modem network standards families in development.

 

Editor's Picks

Free Newsletters, In your Inbox