Tackling BYOD security by protecting against unauthorised network access

By   ISBuzz Team
Writer , Information Security Buzz | Oct 14, 2013 04:57 am PST

Security is a major concern as BYOD increases. We’re all familiar with the problems arising from data stored on unsecured devices which then go missing, but what about unsecured network access?

It’s important that users tell you which devices they want to use, so you can provide them with appropriate access to the network. If not, or when they’re in a hurry, they may turn to open guest access to the corporate network, making data open to eavesdropping and interception.

To protect against access from unauthorised devices, whether belonging to employees or competitors, a key part of any BYOD strategy is maintaining security of the entire wireless environment. Hardware vendors offer rudimentary security tools, but only a dedicated wireless intrusion prevention system (WIPS) can achieve this automatically in an adequate and robust manner across multiple sites.

A WIPS works in two ways. It monitors the radio spectrum for any unauthorised wireless devices (detection) and automatically stops these devices accessing the WLAN (prevention). Large organisations in particular are susceptible to threats from bogus  access points which could expose the entire network to anyone within wireless range. The WIPS will detect these using MAC address filtering and, to guard against MAC spoofing, device fingerprinting which uses characteristics unique to each device. It will also detect and flag the attempted use of any wireless attack tools.

Contemporary WIPS tools have three separate elements: intelligent active sensors that scan the radio spectrum and capture data packets, one or more distributed servers which communicate with the sensors and analyse any captured packets, and a centrally located user administration and reporting station.

This makes it possible to deploy multiple remote sensors and/or servers across all the sites in a network and provide true 24×7 end-to-end monitoring and detection. Central alarms generated by WIPS will then alert the on-duty network engineer and security personnel to any attempted intrusions.

If you’d like more information, take a look at the AirMagnet product line from Fluke Networks. It spans the entire WLAN lifecycle, ensuring security, performance and compliance. Automatically discovering employee-owned mobile devices, it assesses their impact on the corporate network, reduces unwanted side-effects and facilitates trouble-free and appropriate use.

By Stephane Persyn, Fluke Networks