NIST report highlights need for improved WLAN security

It's no secret that wireless local area networks (WLAN) have grown at an exponential rate in the enterprise, but new draft recommendations from the National Institute of Standards and Technology (NIST) conclude that WLANS offer a unique set of cybersecurity risks that should be considered prior to deployment.

NIST is recommending that enterprises--especially government agencies--should set standard security configurations across all WLAN components, including client devices and access points, so that configuration can be deployed and verified in an automated fashion. Overall, organizations should standardize, automate and centralize as much of their WLAN security configuration and maintenance as possible, NIST said.

NIST also noted the need to limit WLAN accessibility. Enterprises should incorporate different security profiles for different WLAN users. For instance, enterprises should establish one profile for guests and another for full-time staff.

Wi-Fi clients also tend to access more than one network simultaneously (such as cellular and Wi-Fi), which increases network vulnerability, NIST said.

NIST suggests organizations continuously monitor WLANs for both WLAN-specific and wired-network intrusions. Regular, periodic technical security assessments are instrumental in WLAN monitoring, the report said.

The draft report SP 800-153 aims to consolidate and expand upon--but not replace--wireless security recommendations in SP 800-97, among others. NIST is seeking comments on the report through Oct. 28.

For more:
- see the draft of SP 800-153 (.pdf)

Related articles:
Dell'Oro: WLAN revenues increased 24% in Q2
Report: Wireless LAN market reached record revenues in 2010
Smartphones taxing enterprise Wi-Fi networks

Suggested Articles

With CBRS entering the commercial phase, entities like Google are emphasizing products for the entire ecosystem, not just the SAS part.

Thomas Marzetta, originator of Massive MIMO technology, was appointed director of the research center at the NYU Tandon School of Engineering, replacing Ted…

T-Mobile executives reiterated their plan to use the proposed merger with Sprint to leapfrog competitors AT&T and Verizon in 5G.