Home Company Security Assessment Training News & Events SC Labs Contact
Learn about our security assessment services
Learn about our
industry-leading application security training
Access our articles and white papers on application security topics

Wireless Assessment

Overview

  • Review current wireless architecture
  • Search for wireless security exposures in and around client facilities
  • Discover vulnerabilities in wireless encryption protocols used
  • Discover existence of unauthorized networks, and wireless devices within corporate environment
  • Develop defensive wireless strategy for corporate and federal compliance

Key Business Benefits

  • Risk mitigation in wireless security: one of the largest areas of exposure in information security
  • Audit of adherence to wireless policy and effectiveness of related organizational controls
  • Improved compliance with regulations and control frameworks, such as the Payment Card Industry Data Security Standard (PCI DSS), COBIT, ISO 27001 (formerly 17799), GLBA, etc.

Our Approach

As a part of a Wireless Security Assessment, Security Compass consultants will attempt the following:

  • Detect the 802.11 wireless networks in place, including both Wireless Access Point (WAP)-based and ad-hoc networks
  • Record the identified SSID, channel, AP MAC address, client MAC addresses, WEP encryption state, and IP address of each wireless network device, if possible
  • Identify the physical location of all accessible wireless APs and record security posture for reporting. Pictures are taken of interior wireless APs. Both pictures and GPS coordinates are recorded for exterior APs, Point-to-Point wireless bridges, and antennas.
  • Identify rogue APs by comparing against a list of provided SSID and MAC addresses for known client access points

Deliverables

The result of a wireless assessment is a list of potentially vulnerable Access Points (if any). Based on additional analysis (either by sniffing the wireless signals or by hijacking an access point) false positives will be removed. Additionally, recommendations to help improve the wireless network architecture will be provided.

Security Compass will consolidate the deliverable from its physical security review analysis engagements along with the other components reviewed (Physical network). The report will summarize the project's scope, approach, findings and recommendations.

Contact Us for More Information