Humpty Dumpty sat on a wall…
Every now and then we run into network administrators and CSOs that brag about how their organization is not vulnerable to wireless security threats, only to see their rash confidence fizzle out once the results from a wireless vulnerability assessment or penetration test are out.
Today, most are aware that Open WiFi on enterprise network is foolish and using WEP encryption is a bad idea and that WPA2/802.1x is the way to go. Then where do they go wrong?
The false sense of security is a fallout of their perception of what wireless devices (or the lack of) are on their enterprise network versus the unaccounted wireless devices that are actually there. And how childishly easy it is for an outsider to access sensitive enterprise assets using these devices as backdoors. This lack of visibility is the killer. And it is fueled by solely relying on LAN security measures such as NAC and firewall or believing that wireless security starts and ends with WPA2/802.1x.
Joanie Wexler has captured the essence of this “security-ism” very well in her recent article.
Given that enterprises today are flooded with WiFi devices (laptops, smartphones, and PDAs) more than ever before and new wireless vulnerabilities are putting a bigger pie of enterprise security at the mercy of end users, I hope those in charge of securing their organization’s IT assets take a note of what Joanie has to say.
You can also find wealth of information about wireless security threats and best practices in our knowledge center, multimedia and white paper sections.
