use Dynamic security to fortify network security

Six Ways to Mitigate Risk From Wireless Home Workers

Mary Brandel   

 February 26, 2007 (Computerworld) -- Here are some tips from research firm Gartner for ensuring that home workers’ wireless networks won’t harm the corporate network or expose sensitive company information.

Turn off the service set identifier broadcast on all internal, nonpublic, nonguest access points. When this feature is off, the access point won’t advertise its presence and will foil casual attempts to catalog access points.

Migrate to WPA2-compatible wireless LAN network interface cards (NIC), wireless drivers, supplicants and access points on all new purchases. Require the current best standard, WPA2, on all new WLAN equipment. Devices with non-Windows operating systems, especially smaller handheld devices, may need to use a third-party WPA2 supplicant.

Install a personal firewall in every laptop with a wireless NIC. Wi-Fi capabilities open up another attack path against laptops, particularly when they are used in public hot spots. The personal firewall built into Windows XP has minimal capabilities but is better than nothing.

Keep WLAN card drivers up to date. Vulnerabilities have already been discovered in some WLAN card network interface drivers that can cause exposure down to Layer 2 in the network stack.

Turn off peer-to-peer/ad hoc networking. All WLAN cards can link to other client systems without involving an access point, thereby losing all protection brought by strong authentication. Permanently disable this feature in registry settings.

Don’t allow wireless and wired NICs to be active at the same time on a client system. When a client device is connected to a wired LAN, malicious software could use the wireless network for eavesdropping and network bridging.

Having said all that, one can simply use Dynamic security to fortify network security.