Sunday, October 7, 2007

Wireless Security Threats

The following are a few things you need to ask yourself when implementing security for your wireless network.
-Do I have some form of logging enabled? Logging is important as it will help you to trace who is trying to gain unauthorized access to your network. It will also act as evidence when prosecuting a suspected intruder in court.
-Do I allow guest access? If you do then be sure to separate your corporate network from the WLAN by placing the WLAN in your DMZ or outside the network and implement a firewall between them. Also, don’t forget to log and audit guest user activity so that you can see if any abuse is taking place.
-Where does my wireless signal end? Perform a site survey and find out exactly where the signal starts and ends; know your boundary.
-Do I know what’s on the network? Document everything and when a new access point is attached to the current network make sure you know about it. In larger companies, departments implement their own WLAN by adding an access point to the network and not informing the administration department, thus potentially opening up a hole in the network.
-Have I performed a Wireless LAN security audit? Make sure you scan your network to identify known vulnerabilities, and if any are found, take action as soon as possible!
-Are the wireless clients safe? Introduce, or amend a current security policy that will require mobile users to keep their laptops protected with antivirus and firewall software.

No comments: