Pesky stuff these wireless signals. Imagine that, they leak outside of buildings, and government buildings at that.... --jack
--GAO Report Finds Wireless Security Lacking at Federal Agencies (17 May 2005) A Government Accountability Office study found that federal agencies lack adequate wireless network security. In its report, GAO recommends that the Office of Management and Budget require agencies to incorporate wireless security into their information security programs under the Federal Information Security Management Act. This would include policies in wireless network implementation and use, configuration requirements for wireless security tools and training employees and contractors on wireless policies. Of 24 executive branch agencies, nine had no wireless network policies and 13 had no wireless equipment security configuration requirements. At six agency headquarters in downtown Washington, DC, the GAO found wireless signals leaking outside of buildings, unsecured wireless equipment configuration and unauthorized wireless devices operating on the network. http://appserv.gcn.com/cgi-bin/udt/im.display.printable?client.id=gcndaily2&; story.id5827 http://www.gao.gov/new.items/d05383.pdf [Editor's Note (Schultz): What amazes me is that so many organizations continue to have cleartext wireless communications despite the inherent danger of eavesdropping and the availability of suitable encryption solutions. (Shpantzer): Most places have either a 'no wireless' policy or a 'wireless with XYZ security' policy. Both require monitoring and enforcement. If you have no policy at all, you're virtually guaranteed to have insecure wireless in place, set up for convenience and mobility by enterprising employees. If you have no policy, what can you can do to those employees? Not much.] _______________________________________________ BAWUG's general wireless chat mailing list [unsubscribe] http://lists.bawug.org/mailman/listinfo/wireless
