This article can also be found in the Premium Editorial Download "Information Security magazine: Compliance vs. security: Prevent an either-or mentality."
Download it now to read this article plus other related content.
Wireless covers a lot of territory on today's mobile devices. All the products we looked at included comprehensive control over WiFi, Bluetooth and IrDA interfaces.
Since its introduction, there has been a lot of hand-wringing over WiFi connections. Administrators disable onboard wireless, but still have to worry about an employee using their own inexpensive PCMCIA wireless adapter so they can hook up at home or a hotspot.
Administrators are just catching up to smart phones and PDAs, which are increasingly taking advantage of Bluetooth technology for file transfer and synchronization with laptops. An inexpensive USB Bluetooth adapter can quickly connect a PC to a Pocket PC.
And let's not forget about IrDA. Not as powerful or popular as WiFi or Bluetooth, infrared personal area network connectivity still presents a vulnerability.
Safend clocked in with the best control for WiFi, based upon MAC addresses, SSID and network security levels.
The remaining products didn't provide as much control as Safend, but they all provided basic permit/deny wireless interface blocking functionalities that identified all wireless interfaces regardless of type. For instance, we set policy to deny all WiFi with a laptop containing an onboard wireless adapter. As we added PCMCIA and USB wireless adapters, they too were disabled despite those ports not having any deny policy assigned to them.
This was first published in March 2007