The growing adoption of Wireless LAN (WLAN) has given rise to a number of threats that are increasingly complex and harder to prevent.
An intruder may attempt to eavesdrop, collect passwords and render your IT systems and data vulnerable. They may also establish themselves as a trusted party by spoofing an internal IP address and duping users into sharing critical business information. If they obtain a broadcast name or SSID, they may create a WLAN AP with similar name and mislead users to their “evil twin” AP and steal their passwords.
Even without logging onto the network, an attacker may launch denial of service (DoS) by flooding the airwaves with a stronger WLAN signal of random traffic and preventing legitimate users from accessing your WLAN.
Organisations deploy WLAN to enjoy the convenience of anytime, anywhere access to the internet and corporate data. However, a lot of the WLAN AP installed depends upon firewall and VPN solutions for protection. These solutions lack strong encryption and authentication to adequately protect the network against misuse and eavesdropping.
Mind your weakest link
A challenge of managing WLAN is making users aware of how they unwittingly expose corporate networks to attacks. How many of them, for instance, would attempt to connect to unrecognised WLAN SSIDs in public spaces, unaware that an open network could compromise user’s data? Below are some best practices an organisation should apply to guarantee safe WLAN access:
Wireless Intrusion Prevention System (WIPS) represents one of the best technologies available for organisations to protect their LAN and wired security investments from wireless attacks. WIPS works like a wired firewall, but is focused on the corporate airwaves instead of packets. It is designed to automatically identify and prevent attacks, provide real-time network audits, assist in performance troubleshooting, and monitor the overall health of the wireless LAN.
To make the most of your investments, be sure that the WIPS you buy and deploy has the following capabilities:
Most WLANs have inherent security issues, but the benefits can still be enjoyed safely. With strong authentication and encryption, effective intrusion prevention and clear and precise security policies, organisations can still obtain the full benefit of secure anytime, anywhere access to corporate network.