Wireless Access Control
CIS Control 15This is a foundational Control
The processes and tools used to track/control/prevent/correct the security use of wireless local area networks (WLANs), access points, and wireless client systems.
Why is this CIS Control critical?
Major thefts of data have been initiated by attackers who have gained wireless access to organizations from outside the physical building, bypassing organizations’ security perimeters by connecting wirelessly to access points inside the organization. Wireless clients accompanying travelers are infected on a regular basis through remote exploitation while on public wireless networks found in airports and cafes. Such exploited systems are then used as back doors when they are reconnected to the network of a target organization. Other organizations have reported the discovery of unauthorized wireless access points on their networks, planted and sometimes hidden for unrestricted access to an internal network. Because they do not require direct physical connections, wireless devices are a convenient vector for attackers to maintain long-term access into a target environment.
- Leverage the Advanced Encryption Standard (AES) to encrypt wireless data in transit.
- Create a separate wireless network for personal or untrusted devices. Enterprise access from this network should be treated as untrusted and filtered and audited accordingly.
Want to implement this foundational Control?
Information Hub : CIS Controls
Media mention • 21 Jan 2020
Blog post • 20 Jan 2020
Media mention • 17 Jan 2020
Blog post • 16 Jan 2020