|
Do you know when an onsite vendor or consulting company tucked away in a FORGOTTEN conference room plugs in their mobile Access Point?
Various precautions and SECURITY MEASURES implemented at network gateways such as firewalls, VPN tunnels, and host HARDENING have been used to mitigate the risks of data theft and network intrusion. However, all of the effort put into securing a network can be rendered moot by the CARELESS INSTALLATION of a single wireless access point. By enabling wireless devices to connect to the INTERNAL NETWORK within an office, attackers can join the internal network without having to circumvent the access control mechanisms already in place at the NETWORK PERIMETER and the physical access control systems as well. The traffic and SECURITY MONITORING system present at the wired network perimeter will not log attacks carried out from a ROGUE SYSTEM already within the trusted network.
Some of organizations that house sensitive information may have a CORPORATE POLICY stating that wireless LANs are NOT ALLOWED. They may think that this “NO-USE” POLICY keeps their networks safe and secure, but they are gravely MISTAKEN. A rogue access point could be placed on their network by intruders or by employees, and without a WIRELESS INTRUSION DETECTION system, there would be no way to know that all of their security mechanisms have been BYPASSED giving full access to anyone within 300 feet of the facility.
AXOSS WIRELESS PENETRATION TESTING CAN HELP your organization:
- ATTEMPT to gain access to wireless access points
- EVALUATE access control and ENSURE principles of least privilege are utilized
- EVALUATE wireless ENCRYPTION
|
|
|
