Without adequate safeguards in place, enterprise wireless networks can expose a corporate network to several wireless
security threats and potential attacks, and increasing an organization's IT risk posture. For those reasons, it is essential for every enterprise to have a thorough understanding on the importance of securing wireless networks in order to mitigate wireless security risk.
This mini learning guide helps enterprise information security managers and executives develop a better understanding of wireless network security and why investing time and resources in securing your wireless network can help thwart threats, such as war driving and password cracking. Readers will also learn several other related wireless security best practices, such as how to develop a wireless security policy and how to achieve compliance with the Payment Card Industry Data Security Standards (PCI DSS) wireless security guidelines.
Video: Setting up a secure wireless network (see link below)
Securing your wireless network requires careful consideration. Services have to be readily available for the entire workforce, and network bandwidth needs to be sufficient for users' needs. Inbound and outbound security policies must be created to handle unauthenticated guest user access, and security teams have to invest in the appropriate technology, like WLAN switches, firewalls and intrusion detection systems.
In this four-part video series, learn the basics of building a solid infrastructure and the phases of a secure wireless network setup. Learn the policies, technologies and standards that are absolutely essential in providing usability, availability and security to the enterprise network.
Wireless network security best practices (see link below)
It's official: Wireless networks have become the norm in corporations around the globe. But the question is: What security measures need to be put in place to prevent malware from infiltrating and exploiting those wireless networks?
In these four Wireless Lunchtime Learning Security School lessons, Lisa Phifer lays out all you'll need to know to create and maintain a secure wireless network.
Securing your wireless network by developing a better understanding Wi-Fi threats
(see link below)
Interested in taking your enterprise wireless, or securing the wireless network you already have? Look no further. In this first of a four-part Wireless Lunchtime Learning video series, Lisa Phifer explains wireless network security and Wi-Fi threats, including some common attacks, such as a man-in-the-middle attacks, that can cripple wireless LANs. Then she explains how to create a wireless security policy that can thwart these threats.
Creating secure WLANs (see link below)
Creating a secure wireless network begins by building the wireless LAN infrastructure. But today's products implement a variety of Wi-Fi security standards, so how do you know which to choose: WEP or WPA or WPA2?
In the second video of the Wireless Lunchtime Learning series, Lisa Phifer of Core Competence Inc. explains how to create a secure WLAN for your enterprise, including WLAN implementation best practices, WEP security versus WPA security, and 802.1x enterprise security.
Securring wireless access (see link below)
In this third part of the Wireless Lunchtime Learning Security School, learn how to create secure Wi-Fi access, including secure wireless access point configuration, information on Wi-Fi captive portals, the pros and cons of a preshared key, as well as EAP and PEAP authentication.
Securely implementing wireless IPS (see link below)
Wireless intrusion prevention systems have become standard operating procedure in corporate networks, including those without formal Wi-Fi deployment. From enforcing "no wireless" policies to blocking unauthorized sessions, these systems help companies see what's happening in their WLANs and provide tools to take corrective action.
This fourth video of the Wireless Lunchtime Learning Security School describes the role of WIPS in WLAN security, the features commonly provided by WIPS, and how WIPS differ from (and complement) their wired network counterparts.
How to reduce wireless driver security vulnerabilities (see link below)
So, you have your up-to-date antivirus software with personal firewalls and antispam, antispyware and privacy control features. However, not having the latest device drivers installed can represent a significant flaw in an enterprise wireless security strategy.
In this expert response, information security threats expert, Ed Skoudis, explores how to ensure complete wireless security and how to reduce wireless driver security threats and vulnerabilities.
Wireless network guidelines for PCI DSS compliance (see link below)
In July 2009, the PCI Security Standards Council released its PCI DSS Wireless Guidelines (.pdf), which provides details on how organizations that use Wi-Fi networks can ensure they comply with the PCI DSS requirements. While the PCI DSS specification provided the base details, many organizations found they needed more specifics on how WLANs affect PCI DSS compliance.
In this tip, contributor Ben Rothke examines the key points of the PCI DSS wireless network guidelines and offers additional advice for organizations with existing Wi-Fi networks.