Archive for April, 2009

Solving Wireless (In)security – Best Practices for Wireless Security

April 15th, 2009

Financial institutions need to provide the same automated, continuous, and auditable levels of security to wireless networks as they do for wired-whether they’re managing a wireless network or not.

The risks associated with wireless networks are diverse. And whether you’ve prohibited wireless access at your company, or have chosen to enable encrypted wireless access, you still have a significant wireless security problem. How so? Just about every portable device shipped in the past few years comes with wireless access enabled-smart phones, PDAs, notebooks, MP3 players, portable storage devices and even printers – while WiFi access points the size of a USB-thumb drive are coming to market in increasing numbers. Also, financial institutions, and all enterprises for that matter, which believe they can avoid the risks associated with wireless networks through encryption or policy alone are mistaken-and they’re placing their wired LANs at significant risk as a result. Read more…

Wireless security

Why Wireless Handheld Audits Do Not Equal Security

April 15th, 2009


Wireless security audits play a crucial role in the wireless vulnerability assessment of IT infrastructure and provide guidance on how organizations can meet regulatory wireless compliance requirements. Assessment of wireless vulnerabilities is challenging because of the dynamic nature of wireless environments. Auditors have to worry about not only the wireless devices in a network environment that is being audited, but also external wireless devices in the vicinity that can impact the susceptibility of the network in question to vulnerabilities and attacks. Wireless laptops, handhelds, and smartphones carried by business travelers can also get infected with vulnerabilities on the road; even organizations that may not have officially deployed a wireless LAN need to be aware of these threats. Read more…

Wireless scanning