Organisations need formal security policies to govern the growing use of wireless technology, Gartner told users at a security conference earlier this month.
Up to 70% of attacks on wireless local area networks in 2006 will result from misconfiguration of WLan access points and client software, the analyst firm predicted. It said security for WLans and personal digital assistants needs to be driven by updated policies that address the demands of the mobile workplace.
John Pescatore, vice-president at Gartner, said, "Whether hackers are able to enter a company's WLan through an unprotected access point or through a peer workstation, once they are associated with the network they will be difficult to detect because they may not be visible in or near the network site."
To protect networks, businesses should make sure staff or hackers do not install unauthorised wireless access points and that access points are configured safely. Businesses in urban areas or multi-tenant office buildings need to ensure that users do not connect to other firms' networks.
Policies for wireless use should include dedicated intrusion detection systems for wireless networks, locking down wireless- enabled systems or installing personal firewalls, and keeping all WLans outside the corporate firewall.
Pescatore said businesses needed to think beyond securing WLan access points when looking at the potential problems created by wireless use.
He predicted that individual client devices inside a WLan would pose the biggest security risks to corporations for several years
Client devices such as notebooks and handheld computers can be exploited as peers or access points to break into corporate WLans, where they can remain undetected indefinitely.
So far there has been little evidence of attacks targeting such devices, but with 85% of laptops and 60% of handhelds expected to be wireless-enabled by 2006, users should expect to see a rise in attacks against such devices, Gartner warned.
How to secure a wireless Lan
- Run dedicated intrusion detection systems for wireless networks
- Install personal firewalls
- Keep all wireless Lans outside the corporate firewall.