Where can I get a draft or generic statements that address wireless LANs? Our establishment does not currently allow them, but our policy must be updated to advise of the same. Any ideas?
There is an excellent article at http://www.research.ibm.com/gsal/wsa/ that provides a brief outline regarding wireless information. The introduction begins "WSA is an IBM research prototype of an 802.11 wireless LAN security auditor, running on Linux on an iPAQ PDA. WSA automatically audits a wireless network for proper security configuration, to help network administrators close any vulnerabilities before the hackers try to break in." It will give you an overview necessary in order to determine how detailed you want your policy to be.
Just as excellent is http://www.iss.net/wireless/WLAN_FAQ.php and http://documents.iss.net/whitepapers/wireless_LAN_security.pdf.
The site Wireless Research provides links to papers and presentations regarding security vulnerabilities.
The Unofficial 802.11 Security Web Page has excellent information on 802.11 wireless roaming and adhoc networking with 802.11.
In addition, here are some sample policies:Internal Lab Security Policy Elements of wireless security (Also search SANS' section on security policies for the wireless environment) Securing mobile devices and wireless LANs (Search for A Checklist for Policy, Procedure and Technical Requirements)
For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: How to approach a wireless policy
Tech Tip: Security tips for wireless technology
Tech Tip: Setting up an information security policy
Dig Deeper on Wireless LAN Design and Setup
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.