Transcript Data Security Considerations in Configuring Wireless Access

Environment => Office, Campus, Home

Impact How, not Whether
A Checklist for Wireless Access Points
1)
Control the Broadcast Area
•
Limit directionality and signal strength
2)
Lock Down all Access Points
•
Change Default Administrative Logins
•
•
3)
Change Name (if possible)
Create Substantial Passwords
(www.pcmag.com/passwords)
Assure no Rogue Access Point (AP)
•
Only Known AP’s
(www.netstumbler.com)
4)
Disable SSID Broadcasts
•
Craft Service Set Identifiers (SSID’s)
•
Avoid company, address, or person names
5)
Limit Access
•
Limit to Known MAC Addresses
•
6)
Known machines & air cards
Limit Number of User Addresses
•
If few (<80), limit DHCP Addresses Assigned
•
If all try but some can’t => unauthorized log-ons
7)
Use a Firewall supporting VPN Connections
•
Always use VPN to Connect to Network from Outside Net
8)
Use Encryption
•
•
128-bit WEP (wireless equivalency protocol) minimum
WPA (Wi-Fi protected access) preferable
•
•
•
•
All or None – every wireless device on network must be WPA
Pre-Shared Key -- no authentication server required
Network Authentication option -- WPA-PSK
Select TKIP as encryption type – AES available but not universally