How to Defend Against Rogue Access Points

Policy

  • Establish a no-exceptions policy against the use of wireless LANs without approval of the IT department.
  • Set up an amnesty program that will allow employees to disclose their self-installed APs to the IT department within a one-month period.
  • Encourage use of properly installed, configured and secured wireless LANs - if the business case justifies their use.

Discovery

  • Use sniffing tools to physically survey all facilities for wireless LAN signals, and then zero in on unauthorized devices.
  • Don't ignore low-tech, small or obscure operations, such as truck terminals, loading docks, branch offices, factories and the maintenance department. It takes only one rogue AP to open up an enterprise network.

Maintenance

  • Continue to issue reminders of the no-exceptions policy.
  • Sniff premises periodically.
  • Consider centrally managed systems for detecting rogue APs within large organizations.
To express your thoughts on Computerworld content, visit Computerworld's Facebook page, LinkedIn page and Twitter stream.
Windows 10 annoyances and solutions
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.