Protect Yourself Against Rogue Wireless Access Points

You have network access battened down, from Ethernet drops in the office to the VPN connecting remote sites and users. But someone, somewhere, has gained access through a wireless access point (AP) that you simply can't account for. You have a rogue on your network -- and you have a problem.

"Rogue APs are a problem particularly for companies that don't have a wireless policy," says Forrester Research principal analyst Ellen Daley. "While it won't exactly take down your network, it does pose a security threat.

There are, in fact, two kinds of rogue APs. The first and most familiar is the friendly rogue. These pop up when someone on the sixth floor heads out to Circuit City on his lunch hour, picks up a $50 wireless router and plugs it into the wall to make network connections more convenient in the accounting office. These kinds of rogue APs are friendly because they happen within the organization, and don't usually signal malicious intent.

"It gives access to the company network, and that can be a problem," Daley says. "But they're not usually as big a problem as they used to be. In the early days of wireless networking, they used to be much more common, but with the wide adoption of wireless, users are less motivated these kinds of unauthorized APs."

The other kind of rogue is the decoy or "evil twin" AP. Some digital miscreant sets up an AP of his own with a service set identifier that makes it look like it's a company access point. This certainly is malicious and though it doesn’t give access to your network, it can give someone else access to your company secrets. Users confident that they're logging into the company site could unwittingly give away everything from passwords to corporate information.