Wireless Security Audit
LEVER Technology Group PLC conduct authoritative and definitive wireless network security audits.
With more than 7 years experience in WiFi security audit, and as a World-recognised authority
in WiFi security education, we have unique credentials, including many years of work for
Government wireless security agencies and notable contracts for major names in Commercial,
Health, Manufacturing and Education sectors.
Wireless Security Policy
Security standards such as the Payment Card Industry (PCI) Data Security Standard,
created by major credit card companies to safeguard customer information, mean that it is now
mandatory that companies deploying Wi-Fi wireless networks have a clearly-defined,
stated and documented wireless network security policy.
The National Institute of Standards and Technology in the USA advises that "companies
should be aware that maintaining a secure wireless network is an ongoing process
that requires greater effort than that required for other networks and systems".
Moreover, "it is important that companies assess risks more frequently and that they test and evaluate
system security controls when wireless technologies are deployed".
Clearly, your organisation's wireless network security policy should be be created by a team with
in-depth experience in the field.
Authoritative training in Wireless Security
is available for IT staff needing the skills to perform this task.
As NIST advises, it is important that your wireless network installations are regularly audited and evaluated for compliance
with your stated wireless security policy. Ideally, these audits should be performed independently, by an external organisation
with in-depth skills in wireless network security auditing.
Wireless Network Vulnerabilities
As with wired networks, companies need to be aware of liability issues for the loss of
sensitive information or for any attacks launched from a compromised network.
Specific threats and vulnerabilities to wireless networks and devices include:
- All the vulnerabilities that exist in a conventional wired network apply to wireless technologies.
- Malicious entities may gain unauthorised access to an agency's computer network through wireless connections, bypassing any firewall protections.
- Sensitive information that is not encrypted (or that is encrypted with poor cryptographic techniques) and that is transmitted between two wireless devices may be intercepted and disclosed.
- DoS attacks may be directed at wireless connections or devices.
- Malicious entities may steal the identity of legitimate users and masquerade as them on internal or external corporate networks.
- Sensitive data may be corrupted during improper synchronisation.
- Malicious entities may be able to violate the privacy of legitimate users and be able to track their movements.
- Malicious entities may deploy unauthorised equipment (e.g., client devices and access points) to surreptitiously gain access to sensitive information.
- Handheld devices are easily stolen and can reveal sensitive information.
- Data may be extracted without detection from improperly configured devices.
- Viruses or other malicious code may corrupt data on a wireless device and subsequently be introduced to a wired network connection.
- Malicious entities may, through wireless connections, connect to other agencies or organisations for the purposes of launching attacks and concealing their activities.
- Interlopers, from inside or out, may be able to gain connectivity to network management controls and thereby disable or disrupt operations.
- Malicious entities may use third-party, un-trusted wireless network services to gain access to an agency's or other organisation's network resources.
- Internal attacks may be possible via ad hoc transmissions.
LEVER's Wireless Security Audit Credentials
LEVER are the UK's leading Wireless security experts for Enterprise-grade WiFi wireless networks (WLANs) - with some unique credentials:
- A World-recognised authority on Wi-Fi network Security
- The World's only CWNP GOLD Learning Partner
- Certified Wireless Security Professionals (CWSP)
- We write the book and teach the industry through our World-leading CWSP courses
- Blue-chip client list which includes the World's major Wireless Security Agencies
- Vendor-neutral Wireless Security Assessments for Cisco, Aruba, Trapeze, Meru, Symbol/Motorola, Proxim, Colubris and many more
Wireless Network Security Assessment
We provide advice at every level on wireless network security, along with a complete range of
services to organisations wanting to secure their wireless networks.
Our services include:
- Strategic Briefings and Seminars
- World-leading raining in Wireles Security
- Wireless Security Policy Planning and Definition
- Writing of Wireless Security Policies
- Wireless Security Health Checks
- Wireless Security Audit
- Assessment of existing Wireless Network Security
- Advice on Wireless Authentication, Wireless Authorisation, Wireless Accounting (AAA), Wireless Encryption, Wireless session control, and Wireless Billing
- Wireless Threat Detection
- Wireless Intrusion Detection Systems (Wireless IDS, WIDS) and Wireless Intrusion Protection Systems (WIPS)
- Recommendations on Wireless Security Tools
- Wireless Site Survey
- In-depth Wireless Network Troubleshooting
- Wireless network Installation and Commissioning