How to Defend Against Rogue Access Points

Policy

  • Establish a no-exceptions policy against the use of wireless LANs without approval of the IT department.
  • Set up an amnesty program that will allow employees to disclose their self-installed APs to the IT department within a one-month period.
  • Encourage use of properly installed, configured and secured wireless LANs - if the business case justifies their use.

Discovery

  • Use sniffing tools to physically survey all facilities for wireless LAN signals, and then zero in on unauthorized devices.
  • Don't ignore low-tech, small or obscure operations, such as truck terminals, loading docks, branch offices, factories and the maintenance department. It takes only one rogue AP to open up an enterprise network.

Maintenance

  • Continue to issue reminders of the no-exceptions policy.
  • Sniff premises periodically.
  • Consider centrally managed systems for detecting rogue APs within large organizations.
FREE Computerworld Insider Guide: IT Certification Study Tips
Join the discussion
Be the first to comment on this article. Our Commenting Policies