By Joaquim P. Menezes –
In some companies, IT managers have refused to deploy wireless LANs because of the risks they pose.
Others have allowed their (legitimate) concerns for security to obscure other equally important requirements.
There are many deployments today that exemplify the notion of: “more security, less usability.”
One commentator, for instance, has vividly described his frustrating experience at an event where wireless LAN access was provided – but with complete disregard for user convenience.
And yet, as wireless LANs become ubiquitous – partly due the proliferation of wireless “hotspots” – the very real “security” risks inherent in this technology cannot be overstated.
For one, users cannot determine whether they’re connecting to legitimate or “rogue” access points.
Given that – according to some estimates – 60 per cent of successful rogue acccess point attacks succeed because of faulty configuration – this is an issue that wireless LAN administrators should pay especial attention to.
A couple of other common issues are:
Using the default SSID –The factory default Service Set Identifier (SSID) values should always be changed as using these make the network vulnerable.
Hackers, when attempting to penetrate the network, typically try all these default values.
Access Points (AP) broadcasting the SSID – When the AP broadcasts that a specific SSID is being used on the network, hackers can exploit this information. Ergo: if a WAN is not meant for public use, administrators could disable the broadcast of that SSID.
There are tools that help LAN administrators identify and address such problems.
Experiment with these and select what’s appropriate.
As they say: “an ounce of prevention…”