Risk Assessment
Once you have determined your level of vulnerability, you can assess your overall risk and direct your organization's computer security effort toward the countermeasures that will reduce that risk prior to implementation.
Five primary areas of security are important for any level of risk assessment. These include:
- Security policy
- Privacy policy
- Physical security
- Access point setup
- Access point distribution
The most serious vulnerability is a breach of physical security, which occurs when any unauthorized person not an employee of an organization is able to gain access to the corporate facilities. In order to make certain that only authorized employees and contractors enter your corporate facilities, you need to adopt, and make certain you continue to use, physical security safeguards such as:
- Biometric identification techniques
- Magnetic card badges
- Photo identification
You must also have a real, live security team (and this doesn’t always bode well for contract security companies) whose members are actually part of your organization and know what to look for when screening individuals for admittance into your facilities.
The biggest problem that security guards face is hackers who use “social engineering” techniques to gain access into your corporate facilities. There are so many excuses and methods by which you can claim to enter a building—and almost any guard will feel duly pressed to allow hackers into the area under the legitimate belief that they need to be there based on what they said.
Your ultimate objective is to make your security team understand how to make certain that your wireless network is not accessible from outside your corporate facilities. This means you must carefully examine each and every access point within your organization to determine exactly how you can prevent eavesdropping that may result from unforeseen network vulnerabilities.
Site security is often assured through survey assessments that make certain you have placed all your access points in the least accessible locations within your organization. The reason for careful placement of your access points is to make certain nobody can alter or modify your configuration settings.
As an administrator, you should physically map where and when users access your network. Just remember that there are a number of high-gain antennas that can pick up wireless signals at great distances. This makes it even easier for a hacker to eavesdrop on your WLAN. However, you can mitigate this risk simply by using your wireless network independent of the main firewall in your organization. You should also require that any incoming connection traffic use a VPN to encrypt the data channel so that even if the signal is intercepted, it won’t make sense to anyone.
Risk is sometimes difficult to predict, which is why the precautions listed here will help you mitigate your risk while you still take advantage of your WLAN. Be aware that new hacker tools come into circulation all the time. For example, encryption-breaking programs have risen to the level where “script kiddies” (any would-be hacker) can just launch a program to monitor your wireless transmissions in the hope of finding any vulnerabilities that exist within your WEP encryption algorithm. Since WLANs pose a risk if not maintained properly, your best defense is to enable the following critical safeguards:
- Random WEP encryption keys
- Access control lists
- Virtual private networks (within your wireless connectivity)
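The advice above to map where and when users access the network, combined with the access control list safeguard, can be checked against access point association records. The following is an added example, not part of the original article; the log format, access point names, MAC addresses and business-hours window are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed access control list of approved client MAC addresses (assumption).
ACL = {"00:11:22:33:44:55", "00:11:22:33:44:66"}

# Constructed association records: timestamp, access point, client MAC.
SAMPLE_LOG = """\
2024-03-04T09:12:00 ap-lobby 00:11:22:33:44:55
2024-03-04T09:40:00 ap-floor2 00:11:22:33:44:66
2024-03-04T23:05:00 ap-lobby 00:11:22:33:44:55
2024-03-05T02:17:00 ap-lobby de:ad:be:ef:00:01
2024-03-05T10:01:00 ap-floor2 00:11:22:33:44:66
"""

BUSINESS_HOURS = range(8, 19)  # 08:00-18:59, an assumed working day


def parse(log):
    """Yield (datetime, ap, mac) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            when = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield when, parts[1], parts[2].lower()


def assess(log, acl=ACL, hours=BUSINESS_HOURS):
    """Build the where/when usage map and list associations to review."""
    usage = defaultdict(lambda: defaultdict(set))  # ap -> hour -> {mac}
    findings = []
    for when, ap, mac in parse(log):
        usage[ap][when.hour].add(mac)
        if mac not in acl:
            findings.append((when.isoformat(), ap, mac, "not on ACL"))
        elif when.hour not in hours:
            findings.append((when.isoformat(), ap, mac, "outside business hours"))
    return usage, findings


if __name__ == "__main__":
    usage, findings = assess(SAMPLE_LOG)
    for ap, by_hour in sorted(usage.items()):
        for hour, macs in sorted(by_hour.items()):
            print(f"{ap} {hour:02d}:00 {sorted(macs)}")
    for finding in findings:
        print("REVIEW:", *finding)
```

A client can change its MAC address, so treat the ACL check as one signal alongside the VPN requirement described above.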
Defense programs are becoming more and more sophisticated as they offer enhanced security solutions that extend throughout both the wired and wireless sections of your enterprise.