01 May 2011

Wireless LAN Security Summary

The Wireless LAN security recommendations, based on ISO 27001/ISO 17799, are:

1. Develop an agency security policy that addresses the use of wireless technology, including 802.11.
A security policy is the foundation on which other countermeasures—the operational and technical ones—are rationalized and implemented. A documented security policy allows an organization to define acceptable architecture, implementation, and uses for 802.11 wireless technologies.

2. Ensure that users on the network are fully trained in computer security awareness and the risks associated with wireless technology (e.g., 802.11).
A security awareness program helps users to establish good security practices to prevent inadvertent or malicious intrusions into an organization’s information systems.

3. Perform a risk assessment to understand the value of the assets in the agency that need protection.
Understanding the value of organizational assets and the level of protection required is likely to enable more cost-effective wireless solutions that provide an appropriate level of security.

4. Ensure, prior to purchase, that the client NIC and AP support firmware upgrades so that security patches may be deployed as they become available.
Wireless products should support upgrade and patching of firmware to be able to take advantage of wireless security enhancements and fixes.

5. Perform comprehensive security assessments at regular and random intervals (including validating that rogue APs do not exist in the 802.11 WLAN) to fully understand the wireless network security posture.
Security assessments, or audits, are an essential tool for checking the security posture of a WLAN and for determining corrective action to make sure it stays secure. Random checks ensure that the security posture is maintained beyond periods of assessment.

6. Ensure that external boundary protection is in place around the perimeter of the building or buildings of the agency.
The external boundaries should be secured, for example with a fence or locked doors, to prevent malicious physical access to an organization’s information system infrastructure.

7. Deploy physical access controls to the building and other secure areas (e.g., using photo IDs or card badge readers).
Identification badges or physical access cards help to ensure that only authorized personnel can gain entry to a facility.

8. Complete a site survey to measure and establish the AP coverage for the agency.
Proper placement of access points will help ensure that there is adequate wireless coverage of the environment while minimizing exposure to external attack. The site survey should result in a report that proposes AP locations, determines coverage areas, assigns radio channels to each AP, and ensures that the coverage range does not expose APs to potential malicious activities.

9. Take a complete inventory of all APs and 802.11 wireless devices.
A complete inventory list of APs and 802.11 wireless devices can be referenced when conducting an audit for unauthorized use of wireless technologies.

10. Ensure that wireless networks are not used until they comply with the agency’s security policy.
Security policy enforcement is vital for ensuring that only authorized APs and 802.11 wireless devices are operating in compliance with the organization’s wireless security policy.
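
Items 5, 8 and 9 come together in one audit step: compare what a wireless scan observes against the AP inventory and the channels assigned by the site survey. The Python below is an added example, not part of the original summary; the SSIDs, BSSIDs, channels, finding names and the RSSI threshold are constructed assumptions.

```python
# Added example: audit a wireless scan against the AP inventory.
# All SSIDs, BSSIDs, channels and the RSSI threshold are constructed.

ON_PREMISES_RSSI_DBM = -65  # assumption: stronger than this is likely inside the site

# Inventory (item 9) with the channel assigned by the site survey (item 8).
INVENTORY = {
    "02:00:00:aa:00:01": {"ssid": "agency-wlan", "channel": 1},
    "02:00:00:aa:00:02": {"ssid": "agency-wlan", "channel": 6},
    "02:00:00:aa:00:03": {"ssid": "agency-wlan", "channel": 11},
}

# Constructed scan output: (bssid, ssid, channel, rssi_dbm).
SCAN = [
    ("02-00-00-AA-00-01", "agency-wlan", 1, -48),
    ("02:00:00:aa:00:02", "agency-wlan", 11, -55),   # wrong channel
    ("02:00:00:bb:00:09", "agency-wlan", 6, -50),    # agency SSID, unknown radio
    ("02:00:00:cc:00:07", "printer-setup", 3, -52),  # unknown, strong signal
    ("02:00:00:dd:00:05", "cafe-guest", 9, -84),     # unknown, weak: likely a neighbour
]


def norm(bssid):
    """Normalise a MAC so 02-00-.. and 02:00:.. compare equal."""
    return bssid.strip().lower().replace("-", ":")


def audit(inventory, scan):
    """Return sorted (finding, bssid) pairs for the auditor to follow up."""
    known_ssids = {ap["ssid"] for ap in inventory.values()}
    findings, seen = [], set()
    for bssid, ssid, channel, rssi in scan:
        bssid = norm(bssid)
        seen.add(bssid)
        ap = inventory.get(bssid)
        if ap is None:
            if ssid in known_ssids:
                findings.append(("unlisted-ap-using-agency-ssid", bssid))
            elif rssi >= ON_PREMISES_RSSI_DBM:
                findings.append(("unlisted-ap-on-premises", bssid))
            else:
                findings.append(("unlisted-ap-weak-signal", bssid))
        elif ap["ssid"] != ssid or ap["channel"] != channel:
            findings.append(("inventory-mismatch", bssid))
    findings += [("inventoried-ap-not-seen", b) for b in inventory if b not in seen]
    return sorted(findings)
```

Running the same comparison at regular and random intervals, as item 5 asks, only works if the inventory is kept current whenever an AP is added, moved or retired.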

Source: http://www.controlscada.com/download-free-iso-27001iso17799-wireless-lan-security-summary
