Wireless networks bring both increased flexibility and convenience to users, but also present additional security concerns for system administrators where they extend the corporate LAN beyond the traditional bricks and mortar boundaries that surround traditional ‘wired’ LAN access. It is paramount that a organisational wireless networks are configured to utilise the strongest available encryption and authentication methods.
SureCloud can provide assurance within this area through their Wireless Network Penetration Testing services, which will include:
- Identifying any insecure encryption or authentication methods that are configured and exploit them as part of a proof of concept
- Discovering any rogue access points that may be connected to internal networks
- Reviewing and highlighting any wireless network segregation issues that may be present, such as where ‘guest’ networks can interact with obscure or common internal network services
- Obtaining and attempting to crack WPA/WPA2 Pre-shared-keys (PSK’s) for any networks that may utilise these authentication methods, demonstrating the risk of insecurely configured passphrases.