Quick Guide To Protecting Wi-Fi Networks And Users
Enterprise Wi-Fi deployments often focus on the services provided to in-building or on-site users while mostly ignoring the company's mobile workforce. Laptops, smartphones and PDAs have received significant press attention regarding virus vulnerabilities and corporate risk as a result of physical loss. Mobile device management products such as iAnywhere's Afaria and Intellisync's Systems Management do provide access security as well as operating system and application management policies, but the wireless-specific aspects of most portable devices have not been addressed.
Accidental association--inadvertently associating to an AP (access point)--is one concern. This can happen via Microsoft Window's promiscuous wireless client, which surreptitiously attempts to connect to the first AP that matches an existing profile. Or, depending on how it's configured, it can happen via any AP. Almost a year ago, the media picked up on the "Evil Twin" attack, which occurs when attackers at a hotpot replicate the identity of a good AP, and perhaps even a Web-based authentication scheme, to fool unsuspecting users into connecting to them. Minimally, attackers are able to obtain the hotspot login credentials; in the worst case, they can capture all unencrypted traffic and access any mobile device.
