The Washington State Auditor's Office has a strict no-wireless policy. Its rationale is simple: No wireless access
equals no wireless security threats.
And when you're defending a state network chock-full of sensitive data, the need to enforce that anti-wireless regime grows.
"We don't want any wireless access points connected to the state network," said auditor's office spokeswoman Mindy Chambers.
Chambers said the state's wired network has been hacked in the past, but so far no one has made an attempt to hijack it wirelessly, and the auditor's office wants to keep it that way. If an employee were to install wireless access points or a rogue wireless network, state data could be opened up to folks inside and outside the building walls, which could compromise security.
In four of its buildings, the auditor's IT department unleashed Network Chemistry's RFprotect Distributed system and RFprotect Mobile, two components of the Redwood City, Calif.-based vendor's wireless threat protection suite.
Chambers said the deployment gives the office a dedicated system with 24/7 monitoring that can scan for and locate rogue access points inside the buildings. The portability of RFprotect Mobile, she said, gives IT the ability to walk-around the buildings to assess vulnerabilities and speed up incident response if a rogue access point is detected in or near the buildings.
In the few months the Washington State Auditor's Office has used RFprotect, it found ad-hoc networks and access points at nearby retail stores, coffee shops and offices that state employees could've been using to go wireless, de Haaff said.
The auditor's office, de Haaff said, wanted "visibility into what's going on in the air."
The no-wireless policy – though strict -- is not uncommon within agencies that house extremely sensitive information on their networks, de Haaff said. Wireless security has made great strides, but some companies and organizations just aren't quite ready to embrace it.
"People still aren't comfortable that it's secure," de Haaff said. "Security is still the biggest inhibitor of wireless adoption."