Feature

Controlling the Uncontrollable

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Top forensics tools for tracking down cybercriminals."

Download it now to read this article plus other related content.

Nail Down Client Configurations
Managing client configurations is critical. Left on their own, employees will adjust their laptops to access public hot spots or home wireless routers. Enterprises can manage their clients through configuration control, usage policy and dedicated client software.

Since Windows XP laptops ship with an internal wireless network adapter that automatically tries to attach to available WLANs, it's important to change the adapter's network properties from allowing ad hoc connections. Furthermore, administrators need to disable Wireless Auto Configuration, install XP Service Pack 2, which supports WPA and fixes several wireless security flaws, and change dangerous default settings, such as the administrative password.

Mad Science not only restricts use of the wireless client, but also locks down its mobile machines through user privileges, preventing the installation of applications.

"Our users aren't allowed to do anything to reconfigure their wireless client," says Alszko. "That doesn't mean they aren't going to try."

Meanwhile Peregrine uses client software specific to its Fortress Access Control Server to guarantee that only clients installed by Willis and his team can connect to the WLAN.

Define and Enforce Policy
A detailed acceptable-use policy is the foundation of a sound wireless security program. For example, Mortgage Financial is selective about who gets VPN access.

"If

    Requires Free Membership to View

you want to connect to the network remotely, a request is submitted for a VPN client. The VPN client is deployed only after reviewing the environment and if the user meets the criteria," says Beaupre. This ensures everyone connects through a gateway that verifies the correct encryption level is being used and the antivirus definitions are current.

Because of the rapid changes in wireless technologies, WLAN policies need to be dynamic. Organizations should revisit the policy and educate wireless users regularly.

Issues routinely covered by written policies should include the type of encryption to be used for authentication, acceptable use policy (corporate access points only vs. public networks), procedures in the event a device is lost or stolen, and the consequences for violating policies.

This was first published in December 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: