Work Without Wires

Most companies are content with a couple of Wi-Fi conference rooms, but Capital One thinks a wireless campus will spur game-changing brainstorms. Is it time to reconsider the potential of

July 18, 2005

11 Min Read
NetworkComputing logo in a gray background | NetworkComputing

For some 1,500 employees and contractors working for Capital One Financial Corp., the desk has gone the way of other office dinosaurs, like typewriters and Rolodexes. The first wave of knowledge workers to be outfitted with Wi-Fi-enabled laptops, voice-over-IP software phones, and portable printers can do business from anywhere within the company's 24 buildings in the United States and the United Kingdom.

These employees are the first in a program Capital One calls the "Future of Work," which CIO Gregor Bailar defines as a necessary step in keeping the $1.5 billion-a-year bank and credit-card company competitive. "The Capital One story has always been to look for the game-changing opportunities," Bailar says. Capital One's staff uses a Web portal that automatically routes work processes to employees, making it easy for mobile professionals to do their jobs from wherever they are. "The big push for Future of Work is [that] this is hugely a knowledge-worker environment," Bailar says.

The people that Capital One took from its 15,000-strong workforce to participate in the program, which was launched last fall, work in information-intensive areas such as finance, human resources, and IT. Bailar expects 1,000 more employees to become mobile users by the end of next year. Already the company reports that the program is helping it achieve the three critical goals it was designed for: keeping employees--called associates--satisfied with their jobs, improving productivity, and reducing costs related to real estate.

Wireless access helps Capital One stay competitive by making its huge staff of knowledge workers more productive, CIO Bailar says.

Capital One stands out for its aggressive embrace of a wireless infrastructure that extends across buildings and borders and does away with the concept of a traditional desk job. Businesses that require constant mobility on the job--such as hospitals, manufacturers, and retailers--have been gradually adopting wireless networks for daily work for several years. But for companies where desks and work cubicles are the norm, going mobile generally stops at giving salespeople a cell phone and maybe a laptop they can use in public Wi-Fi spots, or equipping some conference rooms with wireless-access points for guests or contract workers to use.

Capital One's deployment is more ambitious, extending from standalone buildings to a 360-acre, eight-building campus, with wireless-access points covering coffee rooms, cafeterias, and more traditional workspaces such as offices and conference rooms.While Forrester Research predicts that 64% of U.S. companies are upgrading or deploying wireless LANs in 2005, just a small percentage of those are multicampus deployments that provide wireless access to large portions of a company's workforce. Most IT execs still don't buy the argument that large wireless-network deployments provide enough of a productivity boost to make them worth the extra expense and security and management headaches.

Yet the growth of Wi-Fi hot-spots in public places such as airports and cafes is making people more accustomed to the ability to connect wirelessly. The number of publicly available hot-spots in North America will reach 20,400 this year, according to research firm Gartner. The Yankee Group predicts that 1.5 million people will pay to use commercial Wi-Fi hot-spots by the end of this year. And components of wireless infrastructures are creeping into the workplace, as more businesses choose wireless-ready laptops and PDAs when making upgrades.

But there are challenges to unplugging a company's workforce. Even though equipment prices are declining, many companies still find it difficult to justify the cost of a full-blown wireless infrastructure when the wires in place work just fine. Capital One declines to put a price tag on its initiative, but the cost of access-point hardware to support 12 users is about $800. Forrester says companies can expect to spend $3,000 per switch, $9,000 for a management tool, and $8,000 for intrusion-prevention software to secure these networks, which are inherently easier to piggyback onto or crack into than wired LANs. The threats include employees installing unsecured access points without the IT department's knowledge and competitors scanning buildings from parked cars.

Another factor inhibiting takeoff is that most vendors haven't consolidated wired and wireless network-management tools, so companies have to deploy different systems to monitor wireless LANs. Generally, they also have to manage each campus wireless LAN separately, although that's changing with the increasing availability of wireless LANs that can be centrally managed.

Productivity won't necessarily improve, either, if a company doesn't have processes in place to support working online. Capital One employees use a Web portal to access the company's PeopleSoft and other workflow applications. "It really has been transformative. People expect things to happen fast, to be efficient, to be working toward workflows instead of moving paper around," Bailar says. (For more on Capital One's application environment, see "ERPzilla," July 11, p. 30.)Count Microsoft among the believers in the wireless workplace. It's replacing a global wireless LAN infrastructure with an even larger one that will encompass 277 buildings worldwide and cover more than 17 million square feet, a project expected to take up to two years. Microsoft is deploying 5,000 "thin" wireless access points from Aruba Networks Inc., which can be centrally managed and will provide connectivity to an estimated 100,000 computing devices.It's one of the largest, if not the largest, wireless LAN deployments in the world, according to Craig Mathias, an analyst with wireless consulting firm Farpoint Group. Microsoft won't comment on its project, but it's clear the company has decided that tethering thousands of employees to office desks via wired cables isn't the best way to get things done. During a speech at Microsoft's TechEd Conference in Orlando, Fla., last month, CEO Steve Ballmer indicated the company is looking for ways to redefine jobs for bright young college graduates, as it tries to gain some of the pizazz associated with companies like Apple Computer and Google Inc.

Microsoft has been using Cisco Systems equipment that requires device management take place at each access point. Growing demand for centralized tools to manage wireless LANs prompted Cisco to offer a thin-access-point setup through its acquisition this year of Airespace Inc. Other wireless LAN vendors, including Extreme Networks Inc. and Trapeze Networks Inc., offer their own approaches to central management for things like encryption and user authentication. Central management also makes it easier to expand networks and can reduce costs because less equipment is needed, Mathias says.

Capital One, citing security concerns, won't discuss its network-management approach or reveal its wireless vendors. The deployment has necessitated changes, though. In addition to small and large team workspaces where mobile employees work in groups, it has set aside quiet spaces for employees when they need to do "heads-down" work without interruptions. "Resident" employees continue to work in offices or cubicles. "Our vision is a work environment designed to reflect various work-style choices," Bailar says.

Capital One's buildings accommodate more people since the deployment. For example, its West Creek campus near Richmond, Va., used to house 650 employees. With Future of Work, the number of people working there jumped to 1,100, simply by reconfiguring the office space to support mobile employees.

Law firm Kirkland & Ellis LLP is moving in a similar direction. It's deploying Cisco Systems wireless LANs across seven offices worldwide. The phased rollout will give wireless access to clients and guests visiting the law firm's offices and provide employees and attorneys with the flexibility to work in conference rooms, auditoriums, and other areas where a lot of client interaction takes place. When meeting in conference rooms, attorneys and clients will be able to use wireless LANs to connect to the corporate intranet, access the Web, and refer to case-relevant E-mail. "We see a mobile group emerging within the walls of the office, and mobility is focused around collaboration and teamwork," CIO Steve Novak says. The firm's goal is to provide real-time, online, secure access to the corporate network from anywhere in the world. "Wireless becomes one of the foundational technologies in the pursuit of that goal," Novak says.The wireless LANs will cover about 30 conference rooms, two large conference centers, and 14 floors of office space, including offices in London and Munich, with about six access points per floor. Novak estimates that half of the law firm's 2,600 employees and 1,000 clients will use the new network over the course of a year.

Providing that kind of access for lawyer-client meetings using a wired network would have been too costly, requiring the firm to install additional data switches and cabling to provide extra Ethernet ports. "It's more cost-effective to provide a wireless connection," Novak says.

With legal documents, invoices, payments, and confidential E-mail crossing the airwaves, Kirkland & Ellis grappled with how to secure the wireless network. There's good reason for concern: The Wired Equivalent Privacy protocol, predecessor to the 802.11i standard ratified last year, has been shown to have serious flaws that can be exploited, and its weak authentication methods have made wireless networks vulnerable to attacks.

Like Capital One and Microsoft, Kirkland & Ellis hopes to avoid these problems by using 802.11i-compliant equipment. The standard defines a method, called Wi-Fi Protected Access 2, or WPA2, for authenticating and encrypting wireless LANs.At the heart of Microsoft's large wireless LAN deployment is Aruba's switching system, which centralizes 802.11i security functions, including wireless encryption, authentication, and user-access controls. This means Microsoft will be able to centrally control and encrypt all its wireless devices. Aruba CEO Don LeBeau believes a combination of centralized control and tight security is what many businesses will want in wireless LANs.

Revenue for the worldwide wireless LAN-security market is expected to reach $279 million by 2009, compared with $41 million in 2002, according to a new report from research firm Research and Markets. Capital One has built a "rigorous security infrastructure" that includes an enterprisewide intrusion-detection system, Bailar says. In addition to encrypting communications between the wireless network and mobile devices, Capital One enforces security policies, such as minimum password length and limits on the number of unsuccessful logins, from centralized servers.

It's equally critical to secure transmissions with employees on the road. To support employees wanting to use public Wi-Fi hot-spots while traveling, Kirkland & Ellis installed software from iPass Inc. on 1,300 laptops to enforce the use of its VPN. The iPass client includes device authentication, patch management, and policy enforcement in a single interface, and it can detect whether security software is running properly before sign-on.

Besides security challenges, wireless LAN management remains an issue. "The whole network-management space still needs a lot of work," Farpoint's Mathias says. Insufficiently managed networks can result in increased security risks, higher operational costs, and dissatisfied users. Computer Associates, Hewlett-Packard, and IBM all promise network-management tools that can be used on wired and wireless networks, which should make it easier to manage both, Forrester analyst Ellen Daley says.

For the IT help desk, wireless networks can be difficult to troubleshoot. If users have a problem connecting, they'll often move to another area covered by a different access point, making it difficult for the help desk to determine what the problem was, Bailar says. And curious things can happen with wireless networks: In one instance, the Capital One help desk discovered interference with one of its access points but couldn't determine where it was coming from. It later found that a user had introduced a device into the wireless LAN environment that wasn't owned or approved for use by Capital One, and the device was using the same spectrum as the network.

Despite all these challenges, the momentum for wireless won't go away. Wireless LANs will evolve to support more emerging applications such as voice over Wi-Fi, which Capital One and Kirkland & Ellis envision down the road, giving their mobile workers even more flexibility. "We're excited about Wi-Fi phones and PDAs that could seamlessly roam from the public cellular domain into the campus wireless domain," Kirkland & Ellis' Novak says.

Ultimately, it will be employees who demand a wireless workplace. New hires are coming from college campuses with Wi-Fi everywhere. Everyone already can get Internet access on planes and has wireless access served up with mocha lattes at Starbucks. Fewer businesses will be able to offer wireless access only to employees away from the office, and many more will have to provide it to employees on home turf, too.Illustration by Campbell Laird

Continue to the sidebar:
Wireless Risks: How To Avoid Common Pitfalls

Read more about:

2005
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights