RealNews

Companies Still Fighting Rogue WLANs

Enterprises continue to battle the installation of unauthorized, or rogue, wireless LAN access points (AP) on corporate networks by employees who install the increasingly cheap devices unmindful of the security risks, according to speakers here today at Computerworld’s Mobile and Wireless Conference. Tom Dillon, manager for mobile and wireless at Hilton Hotels Corp. in Beverly Hills, Calif., said the management of a Hilton hotel he recently visited assured him that the property’s network had in operation only six authorized WLAN APs. Dillon said he fired up sniffer software and quickly detected 15 APs at the hotel, which he declined to identify. That, he said, clearly illustrates the continued proliferation of rogue APs, which he said IT managers need to battle with strict policies. He also called on companies to institute strong authentication policies to ensure that only authorized users can gain access to wireless networks carrying sensitive business information. That’s absolutely necessary, he said, for businesses such as hotels that operate both public and private WLANs in the same space. He also said enterprises need to govern the use of WLAN client devices, which can be used in an insecure mode on home or public-access WLAN systems. He said Hilton now requires that WLAN clients, such as cards in laptop computers, be disabled when the laptop is connected to the wired enterprise LAN to prevent injection of Trojan horses picked up when the laptop was hooked up to a home network. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.