- Establish a no-exceptions policy against the use of wireless LANs without approval of the IT department.
- Set up an amnesty program that will allow employees to disclose their self-installed APs to the IT department within a one-month period.
- Encourage use of properly installed, configured and secured wireless LANs - if the business case justifies their use.
- Use sniffing tools to physically survey all facilities for wireless LAN signals, and then zero in on unauthorized devices.
- Don't ignore low-tech, small or obscure operations, such as truck terminals, loading docks, branch offices, factories and the maintenance department. It takes only one rogue AP to open up an enterprise network.
- Continue to issue reminders of the no-exceptions policy.
- Sniff premises periodically.
- Consider centrally managed systems for detecting rogue APs within large organizations.