Follow-Up Procedures


Security assessments and audits should be a part of the organization s security policies, and are the best way to measure the success of a WLAN security plan. Assessments baseline the current security posture by evaluating the configuration against recognized industry standards and best practices.

The assessment is an excellent management tool that identifies where security is adequate and inadequate. Assessment results are then used to allow management to prioritize resources and efforts for the future. Assessments are essential for checking the security posture of a WLAN and for determining corrective action to make sure it remains secure. Audits verify the controls of a WLAN are working as described by the documentation. Auditors examine documentation, interview users and research historical trends to determine what the security plans are supposed to do. If the written controls are the same in operations, the audit is favorable.

However, if there is a disconnect between the written and operational activities, the audit is not favorable. It is important for corporations to perform regular audits using wireless network analyzers and other tools. An analyzer, sometimes called a sniffer , is an effective tool to conduct security auditing and troubleshoot wireless network issues (Karygiannis & Owens, 2002). Security administrators or security auditors can use network analyzers to determine if wireless products are transmitting correctly and on the correct channels. Administrators should periodically check within the office building space (and campus) for rogue access points and against other unauthorized access methods .

Federal, state and local agencies may also consider using an independent third party to conduct the security audits. Independent third-party security consultants are often more up-to-date on security vulnerabilities, better trained on security solutions, and equipped to assess the security of a wireless network. An independent third-party audit, which may include penetration testing, will help an agency ensure that its WLAN is compliant with established security procedures and policies and that the system is upto-date with the latest software patches and upgrades.

Conclusions

Wireless devices, WLAN and vulnerabilities are here to stay. More and more new applications are introduced using this technology across horizontal market. The demand on the WLAN is going to grow in the upcoming years as we try to determine how to make all these new devices work seamlessly with the enterprise. The faster organizations are able to generalize the challenges associated with WLANs, the stronger their security will be. Some of the vulnerabilities and threats are universal because vendors accept the 802.11b standard without making changes to the security services. Historical, well-documented problems are rubberstamped from device to device ” great for the consumer and the vendor, but an eye-opening problem for new WLAN owners .




Information Technology Security. Advice from Experts
Information Technology Security. Advice from Experts
ISBN: 1591402484
EAN: N/A
Year: 2004
Pages: 113

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net