SAN Critical IT Controls # 14: Wireless Device Control

While many companies are adept at securing their enterprise networks with routers, intrusion prevention and intrusion systems, wireless devices remain a very vulnerable to hacker attacks. Wireless devices are ubiquitous, and there are several ways hackers can exploit your wireless systems to gain access to internal networks. Unauthorized wireless access points in your network are just waiting to be exploited by hackers, who can gain access to your internal network by simply bypassing your security perimeter and connecting with wireless devices to sensitive areas in your network. On top of this, usage of wireless devices by employees during travel and from or through other external sites means that they are targets to malware attacks.

Companies must deny access to wireless devices that don’t have an authorized configuration and security profile. You must scan your network frequently to identify unauthorized wireless access points connected to your network and disable rogue access points. There are several excellent open source tools that enable you to perform “war driving” to identify access points and clients accepting peer to peer connections.

Ensure that all wireless devices use at least AES encryption with a minimum of WPA2 protection. Use advanced authorization protocols such as EAP/ELS to protect user credential. Multi factor authentication credentials minimize your risk as well. Unless there’s a business need, you must disable wireless peripheral access of devices such as Bluetooth. Configure all wireless clients so they can’t connect to public wireless networks, unless there’s a business need.

Effective scanning will tell you if your wireless devices are using weak protocols and insecure encryption technologies. Implement automatic notification of any detection of new unauthorized wireless devices. You can use a wireless intrusion detection system (WIDS) to identify rogue wireless devices and detect intrusions. You should also configure wired IDS to monitor all wireless traffic flowing through your network.

Leave a Comment

Your email address will not be published. Required fields are marked *


Contact Us

If you have an urgent question regarding your software licensing or a software audit, please contact Miro right away.

(732)738–8511 x1208
Use the chat box on the right

About Us

Miro is a leading global provider of software asset management services, specializing in license management, audit advisory, negotiation tactics, support management, and cloud services. We help our clients maximize ROI on their software license investments, stay in compliance, and minimize the impact of audits. Miro's performance guarantee promises that our long-tenured, diverse, and passionate team of expert analysts provides insightful and actionable advice to help our clients achieve the best possible outcomes.

Performance Guarantee

Miro’s no risk Performance Guarantee is that the amount of cost savings that we uncover will be more than our fees.

Managed Services for Oracle Licensing

Miro’s Managed Services for Oracle licensing is a best practice approach for an organization to optimize and outsource the practice of Software Asset Management to specialized external experts to ensure the organization’s compliance with vendor rules and policies.

Learn More