Master Checklists

Auditing Wireless LANs

Checklist for Auditing Wireless LANs

1. qEnsure that access points are running the latest approved software.

2. qEvaluate the use and controls around centralized WLAN management.

3. qVerify that your mobile clients are running protective software.

4. qEvaluate the security of the chosen authentication method.

5. qEvaluate the security of the chosen communications method.

6. qEvaluate the use of security monitoring software and processes.

7. qVerify that rogue access points are not used on the network.

8. qEvaluate procedures in place for tracking end-user trouble tickets.

9. qEnsure that appropriate security policies are in place for your WLAN.

10. qEvaluate disaster-recovery processes in place to restore wireless access should a disaster happen.

11. qEvaluate whether effective change-management processes exist.

Auditing Mobile Devices

Checklist for Auditing Mobile Devices

1. qEnsure that mobile device gateways are running the latest approved software and patches.

2. qVerify that mobile clients have protective features enabled if they are required by your mobile device security policy.

3. qDetermine the effectiveness of device security controls around protecting data when a hacker has physical access to a device.

4. qEvaluate the use of security monitoring software and processes.

5. qVerify that unmanaged devices are not used on the network. Evaluate controls over unmanaged devices.

6. qEvaluate procedures in place for tracking end-user trouble tickets.

7. qEnsure that appropriate security policies are in place for your mobile devices.

8. qEvaluate disaster recovery processes in place to restore mobile device access should a disaster happen.

9. qEvaluate whether effective change management processes exist.

10. qEvaluate controls in place to manage the service life cycle of personally owned and company-owned devices and any associated accounts used for the gateway.