Wireless Access Points
Wednesday 8th December, 2010 10:03 Comments: 2
I was reading an entry on the SANS ISC blog and was amazed to read this sentence:
If I'm at a client site with secure wireless (ie - I can't use it), I can generally plug in my trusty AP and get the tablet (and phone and laptop for that matter) online through their ethernet for a faster connection.
Seriously? Wouldn't the best option be to find out the correct way of using the secure and authorised wireless access point? Perhaps they're using something like client certificates. Perhaps it's on a separate network that goes through a firewall, so wireless users can only access certain systems. Perhaps they've carefully configured the access point with specific signal strengths in mind to help prevent someone across the road from being able to connect. Now you're potentially reducing their secure setup just because it's convenient for you and your iPad. Later on he comments that:
Credit card security likewise seems to have fallen by the wayside a bit.
I hope he tries using his access point in an organisation that takes PCI compliance seriously, preferably one that's implemented a wireless IPS that will detect his devices. Unauthorised (rogue) access points are generally a very bad thing, even if they're deployed by non-malicious users.
If I'm at a client site with secure wireless (ie - I can't use it), I can generally plug in my trusty AP and get the tablet (and phone and laptop for that matter) online through their ethernet for a faster connection.
Seriously? Wouldn't the best option be to find out the correct way of using the secure and authorised wireless access point? Perhaps they're using something like client certificates. Perhaps it's on a separate network that goes through a firewall, so wireless users can only access certain systems. Perhaps they've carefully configured the access point with specific signal strengths in mind to help prevent someone across the road from being able to connect. Now you're potentially reducing their secure setup just because it's convenient for you and your iPad. Later on he comments that:
Credit card security likewise seems to have fallen by the wayside a bit.
I hope he tries using his access point in an organisation that takes PCI compliance seriously, preferably one that's implemented a wireless IPS that will detect his devices. Unauthorised (rogue) access points are generally a very bad thing, even if they're deployed by non-malicious users.
Cheryl - Wednesday 8th December, 2010 13:49
No way would anyone be able to do that at our company; we have too many security tools in place. I can't even get my work laptop on the network!