Ever since Wi-Fi devices began changing the way we do business more than a decade ago, IT has been scrambling to figure out how to secure the powerful, yet disruptive, technology. Sure, wireless makes employees more productive, but it also exposes your network and data to a variety of threats that you just don't have to worry about when you are passing data packets over wires.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=i
Of course, technologies have been developed to try to address many of these issues, from the relived WEP to the more robust WAP standard now commonly in use. But perhaps most important of all is the low-fi approach of setting firm policies for users about which type of devices are allowed to connect wirelessly to the network. After all, if you don't know about a connection, it's pretty tough to secure it.
Here in the IT Downloads library, we have an assortment of wireless use policy templates available free to IT Business Edge members. Each of the templates are customizable, of course, but each also includes specific guidelines that will help you determine how stringently you want to control wireless access to your network.
The Wireless Use Policy Template from our partners at Toolkit Cafe could best be described as a pretty strict approach to wireless security. Among other tenants, the policy states that any wireless devices on the network must be purchased and maintained by the IT department. Consumer Wi-Fi gear has always been a headache for tech shops, but then again so are managers who incessantly complain that they can't check their email on the iPhone. This policy is best suited for a company with a pretty regimented approach to technology.
The Wireless Security Access Policy from Info~Tech Group is more detailed and has a more open attitude about allowing consumer tech to attach to the network. However, the five-page template does suggest that your IT team spell out the operating systems and device categories that you are willing to provide access to. (There is so much gear out there these days that you can't possibly be expected to support it all.) The policy also spells out preventative measures like having any public hotspots approved and whitelisted before they can connect. It's a very comprehensive resource.
The Wireless Networking Policy from Indiana University-Purdue University Indianapolis gives you a good idea of how an IT department that's responsible for a large campus tackles Wi-Fi security. The policy strongly discourages the installation of access points where Wi-Fi is not supported by central IT-yes, that is still a problem, believe it or not-and also addresses frequency interference that can arise from having wireless soup flowing from every corner of your campus.
The Wireless Access Point Policy, also from Info~Tech, cracks down pretty hard on any users who attach rogue APs to the network. And it also gives IT the authority to remove any devices, including microwave ovens, that may be interfering with Wi-Fi service. It goes on to spell out fairly rigorous criteria for the access points to be maintained by IT, including WPA encryption as a minimum for all corporate data following over the wireless network.