Ban wireless networks that don't meet tough security policy requirements


Ban wireless networks that don't meet tough security policy requirements

Roberta Bragg

Hardening Windows Systems Get a glimpse inside Roberta Bragg's new book "Hardening Windows systems" with this series of book excerpts. This excerpt from Chapter 1, "An immediate call to action," explains why you should ban wireless networks that don't meet your organization's policy. Click for the complete book excerpt series or purchase the book.

Ban wireless networks that don't meet tough security policy requirements

Wireless networks can easily be implemented by users. Access points are available at low cost and can easily be plugged in to the network jack assigned to their desktop or laptop computer. Unfortunately, the default configuration on these networks has no security implemented and makes your wired network accessible to anyone in close proximity, not just authorized users. While it is possible to provide security for wireless networks, userinstalled wireless access points are unlikely to have even minimal security applied.

The best policy is to ban wireless networks unless they meet the wireless access policy of your organization. Enforce this ban by including in the policy the statement that noncompliance is punishable by employment termination.

Your wireless security policy should require encryption and authentication. This can be implemented with newer wireless networks by using Protected EAP (PEAP) and 802.1x authentication. Older wireless networks should be segmented from the wired network and require the use of VPN connections to the wired network.

Click for the next excerpt in this series: Don't allow unprotected laptops and desktops to connect to the LAN.

Click for book details or purchase the book.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy