New wireless vulnerabilities come and go, and securing against unknown threats and vulnerabilities is very difficult. However, one thing’s for sure: When the human element is introduced into information systems (and when is it not?), vulnerabilities start popping up everywhere and often remain indefinitely.
The big picture must not be forgotten. In fact, securing the technical piece is pretty easy — it’s securing the human element that takes more time and effort.
Remember that both types of security must be accounted for. Otherwise, you’re running a partially secured wireless network that can provide only limited information security.
What sorts of things can happen when human vulnerabilities are ignored?
Well, for starters, things like this:
- Managers and network administrators deploy wireless network connectivity just because it’s the latest and greatest technology or to appease their users who think it’d be neat to have all without considering the security issues or consequences involved with their actions.
- Social engineers work their way into your building or computer room.
- Users install APs for the sake of convenience and end up bypassing security controls, extending your network, and letting in unauthorized users without your knowledge.
- Hackers or malicious insiders exploit physical security weaknesses, leading to theft, reconfiguration of APs, cracking of WEP keys, and more.
- Network administrators and security managers deploy wireless networks with security requirements that are too stringent, which leads to users ignoring policies and bypassing controls any chance they get.
The possibilities are limitless.
No comments:
Post a Comment