Auditor's office wards off potential wireless threats

Because of its strict anti-wireless policy, the Washington State Auditor's Office needed a way to ensure that no one inside or outside could tap into the state network wirelessly.

The Washington State Auditor's Office has a strict no-wireless policy. Its rationale is simple: No wireless access

equals no wireless security threats.

And when you're defending a state network chock-full of sensitive data, the need to enforce that anti-wireless regime grows.

"We don't want any wireless access points connected to the state network," said auditor's office spokeswoman Mindy Chambers.

Chambers said the state's wired network has been hacked in the past, but so far no one has made an attempt to hijack it wirelessly, and the auditor's office wants to keep it that way. If an employee were to install wireless access points or a rogue wireless network, state data could be opened up to folks inside and outside the building walls, which could compromise security.

In four of its buildings, the auditor's IT department unleashed Network Chemistry's RFprotect Distributed system and RFprotect Mobile, two components of the Redwood City, Calif.-based vendor's wireless threat protection suite.

Related stories

Check out a technical tip on WLAN security tools

Read about an online wireless threats database

Brian de Haaff, Network Chemistry's vice president of product management and marketing, said the auditor's office uses RFprotect Distributed to enforce the no-wireless policy, and to detect threats and prevent attacks on the network. The office also rolled out RFprotect Mobile, a portable, laptop-based suite of analysis tools that detects, locates and mitigates wireless-specific threats.

Chambers said the deployment gives the office a dedicated system with 24/7 monitoring that can scan for and locate rogue access points inside the buildings. The portability of RFprotect Mobile, she said, gives IT the ability to walk-around the buildings to assess vulnerabilities and speed up incident response if a rogue access point is detected in or near the buildings.

In the few months the Washington State Auditor's Office has used RFprotect, it found ad-hoc networks and access points at nearby retail stores, coffee shops and offices that state employees could've been using to go wireless, de Haaff said.

The auditor's office, de Haaff said, wanted "visibility into what's going on in the air."

The no-wireless policy – though strict -- is not uncommon within agencies that house extremely sensitive information on their networks, de Haaff said. Wireless security has made great strides, but some companies and organizations just aren't quite ready to embrace it.

"People still aren't comfortable that it's secure," de Haaff said. "Security is still the biggest inhibitor of wireless adoption."

Dig deeper on WLAN Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close