Monthly newsletter Weekly news roundup Breaking news notification      

Wireless LANs are one of the major security risks facing businesses: Gartner

Get free weekly news by e-mailThe majority of successful wireless local area network (WLAN) attacks are because of the misconfiguration of WLAN access points (AP) and client software, according to Gartner, Inc. Security for WLANs and personal digital assistants (PDAs) in the organisation needs to be driven by updated security policies that address the unique demands of the mobile workplace.

Gartner presented these findings at the Gartner IT Security Summit 2004.

"Whether hackers are able to enter a company's WLAN through an unprotected AP or through a peer workstation, once they are associated with the network, they will be difficult to detect because they may not be visible in or near the network site," said John Pescatore, vice president and Gartner fellow. "A clever hacker will play it safe and use the company's resources quietly, and as a result, may never be found."

To protect themselves, businesses must make sure that employees or hackers don't install unauthorised wireless APs on the network and that APs are configured securely. In dense environments, such as urban areas or multi-tenant office buildings, companies have to make sure that their users don't connect to other companies' networks.

The least expensive, and least effective, way of doing this is to buy a wireless sniffer handheld and walk the perimeter of the network. The most expensive, and most secure, is to install a separate set of wireless intrusion detection sensors.
"Businesses should use sniffers to demonstrate potential exposure problems to management," Pescatore said. "Sniffer walks should not be attempted as an ongoing survey method, but should be kept on standby. If rogue WLAN activity is detected by network monitoring systems, individual members of the IT staff can be dispatched, to act as trackers, to hone in on unauthorised signal sources."

Gartner says that companies will get the most efficient WLAN intrusion detection protection from a vendor-independent dedicated sensor investment. The overwhelming advantage of this method is that all WLAN traffic can be detected regardless of the equipment and vendors involved.

www.gartner.com/us/itsecurity

Date: 10th June 2004 •Region: N.America/World •Type: Article •Topic: ISM
Rate this article or make a comment - click here


Copyright 2004 Portal Publishing LtdPrivacy policyContact usSite mapNavigation help