Dark Reading is part of the Informa Tech Division of Informa PLC


8/15/2008
06:40 AM

Hat World Tops Off EVDO Rollout With Security

Retailer initially found EVDO security solutions few and far between

When retailer Hat World (aka Lids) decided to toss its DSL service for a less-pricey, higher-bandwidth 3G Evolution-Data Only (EVDO) cellular wireless service, a lack of available security solutions for EVDO nearly derailed the initiative.

Hat World, which operates approximately 850 U.S. stores selling college and professional sports teams' hats as well as special fashion lids, had begun experiencing bandwidth troubles with its DSL links. But when the retailer began looking at EVDO as an alternative to DSL last year, security for EVDO was a big bugaboo.

“EVDO was new, so there were not a lot of security products available,” and those that were available were limited, says Larry Havlik, senior director for information technology and facilities at Hat World, which is owned by Nashville, Tenn.-based clothing provider Genesco.

Many of the available products treated EVDO as a secondary, rather than a primary, communication option. And the switches were designed for consumers and lacked central management functions.

Hat World's path to providing its stores with broadband links had been checkered with various ad-hoc decisions due to budget constraints. In 2005, the company’s loss prevention unit decided to put security cameras in its stores to lower its theft rate. The application supported dial-up or high-speed connections, but watching video over a dial-up line proved cumbersome.

After scouring the marketplace, the retailer selected NetGear ProSafe combination router/firewalls to support its broadband links. “The NetGear product cost about $100 while other options were $1,000 or more,” Havlik says.

So the company rolled out DSL connections in a few hundred stores in 2006. The new links cut credit card transaction processing time from 45 seconds to fewer than five seconds, and supported the retailer’s new in-store embroidering service for custom-design caps. DSL enabled complex graphics to be passed from stores to the corporate office.

But the new network caused problems for the IT department. “We quickly went from beta to more locations than we could manage,” recalls Havlik. Because the NetGear product is designed as an autonomous device, the IT staff was unable to centrally manage the growing number of connections. So the DSL broadband rollout came to a screeching halt last year.

Late last year, the retailer discovered Sprint’s new EVDO service, which cost about half as much as a DSL line: $50 to $60 per EVDO connection versus $100 to $130 per DSL line. And EVDO wireless was obviously simpler to install because there are no wires. “In many of our locations, we share telecommunications services with a lot of other companies, so working in the wiring closet can be difficult,” Havlik says.

During that time, Fortinet was building the FortiWifi-60B, a combination WiFi/EVDO security appliance, and that caught Hat World’s attention. “Since they were still developing the product, our requirements influenced its design,” Havlik says.

After a successful beta test in a few dozen stores of the Fortinet appliance and FortiManager, which provides central management of the remote devices, Hat World went operational with EVDO services in 350 stores last fall. The potential cost savings from switching its broadband option helped to justify the $400,000 Fortinet deployment.

There were a few bumps along the way, however. To save money, the retailer configured its Fortinet devices at headquarters and then had end users install them. “We underestimated the amount of time that we would have to spend on the phone with our employees,” Havlik admits. At best, it took 15 minutes to deploy a system, but other times, the process dragged on for as long as 90 minutes.

But the deployment problems did not stem entirely from the employees’ lack of expertise. Concrete walls blocked some signals, and in some cases, even adding a second antenna didn’t solve the problem. As a result, broadband services are now available in 350 locations -- 85 percent using EVDO and 15 percent still running DSL.

Hat World plans to add EVDO to more locations. “We are putting together some numbers so we will have money in the budget to add more locations next year,” Havlik says.
