[ISN] Wireless Monitoring And Security Lags In Government Agencies

From: InfoSec News <alerts_at_private>
Date: Tue, 7 Dec 2010 03:15:30 -0600 (CST)

By Ericka Chickowski
Contributing Writer
Dec 06, 2010 

Many federal agencies are not doing a good enough job securing and 
monitoring their wireless networks, even amid efforts to improve 
continuous monitoring across agencies, according to a report (PDF) 
released last week by the Government Accountability Office (GAO).

Among the wireless weaknesses laid out in the report, the GAO found many 
agencies suffer from insecure wireless device configurations, a lack of 
risk-based management of wireless infrastructure, and decentralized 
wireless management structures. The latter, in particular, poses 
problems with respect to monitoring, the GAO warned.

"A decentralized wireless management structure can result in disparate, 
ad hoc networks that are independently managed, which can impede 
effective implementation and monitoring of security controls and inhibit 
sufficient oversight of the wireless network," the report said.

The GAO also expressed concern about the lack of monitoring and scanning 
tools in use at some organizations, and ineffective use of these tools 
at others. The GAO reported that only 18 agencies mandated some type of 
monitoring for unauthorized access points in their policies -- and of 
those some required only yearly scans, with two agencies using outdated 
scanning tools that could miss wireless activity.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Tue Dec 07 2010 - 01:15:30 PST

This archive was generated by hypermail 2.2.0 : Tue Dec 07 2010 - 01:22:59 PST