Wireless networks have increased convenience and productivity and lowered IT infrastructure costs. With such convenience however come new threats and vulnerabilities. Hackers can use rogue access points, misconfigured access points, honey pot access points, client mis-associations and other ways to gain entry into wireless networks, to steal data and perform other actions than can spell doom for the business.
The basic step in ensuring wireless networking security is having a comprehensive security policy in place. This entails stipulating guidelines for accessing public and unsecured wi-fis, protocols for wireless network access, and a clear set of rules and regulations to deal with issues such as rogue entry points.
The components of a security policy are many, but one important consideration is to stipulate clearing browser cache on exit. Clearing browser cache on exit reduces the risk to wireless phishing, or hackers using evil twins to poison Wi-Fi client caches and redirecting the user to phishing sites even after leaving the wi-fi hotspot and accessing the same site on wired network.
Enhanced Security Measures
Conventional network security measures such as network firewalls, traditional security standards such as VPN and 802.11 remain inadequate to prevent common wi-fi threats.
Companies need to install newer solutions such as Wireless Intrusion Prevention System (WIPS) Firewall, and ensure that such security systems complement the security solutions in place – such as firewall for wired network – to provide comprehensive protection.
Using server authentication by methods such as server validation and application server certificate verification provides effective protection against evil twin attacks.
One point to note is that unlike operation system updates, wi-fi driver updates are not distributed automatically. Companies need to track Wi-Fi endpoint vulnerabilities and ensure that their Wi-Fi drivers remain up-to-date. Updates usually fix the bugs that cause end-point vulnerabilities.
A major wi-fi risk is client computers creating unauthorized wi-fi connections that create access points for clients. Individual users need to ensure that they never accept third party certificates or keys when using a public wireless network. However, relying on end-users to desist from creating unauthorized connections is not a fool-proof solution, as many laptops come with embedded wi-fi clients that automatically connect to service set identifiers that it has used before.
A far effective network security policy to ensure wireless network security is to configure the system to connect only to preferred networks, and on request, and install tools to allow access only to secure wi-fis.
Effective solutions to this end are to configure authorized wi-fi connections and prevent end-user changes by using Group Policy Objects, and deploying host-resident agents, and/or wireless intrusion prevention systems to monitor wi-fi client activity and disconnecting high-risk connections.