GAO Report on Wireless Security

The Government Accountability Office (GAO) has compiled a report detailing the security risks and possible solutions for the use of Wi-Fi by federal agencies [1.5 MB PDF]. The recommendations include:
  • Developing polices to control the deployment and use of wireless technologies
  • Training staff to recognize threats and avoid them
  • Deploying security tools such as wireless encryption and authentication, VPNs and firewalls
  • Enable continuous monitoring of wireless networks to determine policy compliance and detect unauthorized access
The report also notes that the GAO performed an unannounced audit of wireless networks at six different federal agencies. It states:
In all six agencies we found wireless devices operating in ad hoc mode. In over half of these cases the ad hoc networks could be detected outside of the building and could have provided access to the agency’s networks. We found these situations at agencies without monitoring programs as well as at agencies with extensive monitoring programs.
The GAO also found that these agencies suffered from rogue access points that could provide a launching point for an attack.
via The Wireless Weblog
By Chris on May 18, 2005 10:23 AM |