The luxury of mobility. It’s wonderful to be able to access your network from Starbucks. Some days you even telecommute. Oh WiFi, every networker’s dream. What’s scary in this whole scenario is the size of these full blown network devices. Extra small!Even more frightening is, as always, the problem of lax security and misconfiguration. These mobile devices have now given your network a dynamic reachability. The clients roam, even into the wrong hands. It is imperative that administrators dedicate time for user training and awareness. Holders of mobile network devices should be trained on acceptable use, due diligence and care. A firewall cannot protect against an “authorized user”. Authentication schemes should be checked, double checked, updated and tested. VPN technology is great, but if misconfigured it is like having an open door on an otherwise secure house.Another issue with mobile devices is manageability. These devices should be inventoried and checked without announcements. Delinquent users will never be identified if audits are preannounced . It’s synonymous to the police announcing when they are going to raid a crime spot. Users should be held accountable for maintaining the integrity of the network. Being small, again they become problematic in terms of the number, access points, PDAs, WLAN cards, they are infesting today’s networks. Some manufacturers are already implementing RFID systems to track mobile devices. However, all of these security policies are doomed to fail without user training.Recommendations:* use strong encrytion* two way authentication…..802.1x is ideal* WEP should be a last resort* walk about surveys* educate users, from top down, that includes upper management* IPS, WIPS, location trackingThat’s all for now folks.
Mobility means easily moved!