By Ericka Chickowski
Dec 06, 2010
Many federal agencies are not doing a good enough job securing and
monitoring their wireless networks, even amid efforts to improve
continuous monitoring across agencies, according to a report (PDF)
released last week by the Government Accountability Office (GAO).
Among the wireless weaknesses laid out in the report, the GAO found many
agencies suffer from insecure wireless device configurations, a lack of
risk-based management of wireless infrastructure, and decentralized
wireless management structures. The latter, in particular, poses
problems with respect to monitoring, the GAO warned.
"A decentralized wireless management structure can result in disparate,
ad hoc networks that are independently managed, which can impede
effective implementation and monitoring of security controls and inhibit
sufficient oversight of the wireless network," the report said.
The GAO also expressed concern about the lack of monitoring and scanning
tools in use at some organizations, and ineffective use of these tools
at others. The GAO reported that only 18 agencies mandated some type of
monitoring for unauthorized access points in their policies -- and of
those some required only yearly scans, with two agencies using outdated
scanning tools that could miss wireless activity.
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.