SANS Critical Control 7: Wireless Device Control
- Jul 02, 2013
- Michelangelo Sidagni
Wireless networks have always been a “no man’s land” in terms of security and appropriate configuration. Some of the most notorious security breaches (ie TJX) happened because the security configuration of the enterprise wireless access points was loose. Furthermore, from the security architecture standpoint, if the wireless network is located logically within the internal enterprise network, a security breach of the wireless network could represent a disastrous incident with profound consequences for the enterprise going-concern.
Wireless networks have always been a “no man’s land” in terms of security and appropriate configuration. Some of the most notorious security breaches (ie TJX) happened because the security configuration of the enterprise wireless access points was loose. Furthermore, from the security architecture standpoint, if the wireless network is located logically within the internal enterprise network, a security breach of the wireless network could represent a disastrous incident with profound consequences for the enterprise going-concern.
On top of that, add another headache for the enterprise: Bring-Your-Own-Device – BYOD. Personal electronic devices are brought to work (iPad, Android tablets, etc.) and connected to the wireless internal network, so if one of these devices is compromised the path to the core of the enterprise goes right through its wireless network.
SANS Critical Control 7 speaks about wireless network logical architecture and configuration and focuses on the following key areas:
Unified VRM allows the enterprise to kick start its own wireless networks vulnerability management program, allowing to: