Protect Yourself Against Rogue Wireless Access Points - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

01:37 PM

Protect Yourself Against Rogue Wireless Access Points

As wireless networks proliferate, so do rogue access points, set up by employees or by hackers intent on stealing data and customers. Here's how you can protect yourself against them.

You have network access battened down, from Ethernet drops in the office to the VPN connecting remote sites and users. But someone, somewhere, has gained access through a wireless access point (AP) that you simply can't account for. You have a rogue on your network -- and you have a problem.

"Rogue APs are a problem particularly for companies that don't have a wireless policy," says Forrester Research principal analyst Ellen Daley. "While it won't exactly take down your network, it does pose a security threat.

There are, in fact, two kinds of rogue APs. The first and most familiar is the friendly rogue. These pop up when someone on the sixth floor heads out to Circuit City on his lunch hour, picks up a $50 wireless router and plugs it into the wall to make network connections more convenient in the accounting office. These kinds of rogue APs are friendly because they happen within the organization, and don't usually signal malicious intent.

"It gives access to the company network, and that can be a problem," Daley says. "But they're not usually as big a problem as they used to be. In the early days of wireless networking, they used to be much more common, but with the wide adoption of wireless, users are less motivated these kinds of unauthorized APs."

The other kind of rogue is the decoy or "evil twin" AP. Some digital miscreant sets up an AP of his own with a service set identifier that makes it look like it's a company access point. This certainly is malicious and though it doesn’t give access to your network, it can give someone else access to your company secrets. Users confident that they're logging into the company site could unwittingly give away everything from passwords to corporate information.

The way you find rogue APs of either variety is to sniff them out. This can be a process as simple as popping open your laptop and seeing if something suspicious in the available networks dialog box, or investing in overlay systems to continually sniff the air for rogue SSIDs.

"The good news is that legitimate enterprise APs now have a built-in feature to intermittently sniff the air for rogues, so you don't necessarily need overlay equipment," Daley says. "That's pretty good for 90% of rogue situations. Most organizations are pretty good about sniffing the air and comparing MAC addresses with a database of authorized APs."

On the other hand, it wasn't always that way. Though self-sniffing APs are now the rule rather than the exception, there's a possibility that any company that invested in wireless networking back in the old says of even a couple of years ago, can't count on that kind of protection.

"The fat APs that were first rolled out in organizations didn't have that feature," Daley says "But they didn't provide much centralized control, and that market has begun to move to a more centralized model of wireless LAN suites."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Remote Work Tops SF, NYC for Most High-Paying Job Openings
Jessica Davis, Senior Editor, Enterprise Apps,  7/20/2021
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Flash Poll