|« Monday Morning Technologist||Make Sure Remote Users Have Locks Too »|
Count the Doors
#5 – Count the Doors
How many ways into your network are there? Are you sure?
One problem cropping up in corporate networks are users who bring their own wireless access points to the office and set them up so that they can roam wirelessly with their PDAs, laptops and other devices. These rogue access points are often not properly secured and provide a way for the unscrupulous to get into your network without your knowledge.
If your users are clamoring for wireless access in the office it may be a good idea to deploy it. If you don't, they might. At least if you do it you can have confidence that it was deployed properly and securely and that you can monitor and manage it.
Check your phone bill for forgotten modems. Another way users can sometimes subvert your security is by setting up PC Anywhere or other such remote access software on their desktop PC and plugging a forgotten phone line into the modem in their PC. Or maybe you have a modem that you used to use for remote access and simply forgot to disconnect when that use ceased.
Keep a close eye on your network traffic for apps like GoToMyPC, LogMeIn and VNC. Users may try to install those on their work machines so they can access them from home. Again, if they're clamoring for that kind of access you should consider creating an officially supported solution.
Got network drops in your conference rooms and public areas? Consider unplugging them at the patch panel when they're not in use. Yes, I know that requires you to remember when you need to connect them - or have users request reconnection - but it prevents outsiders from plugging into your network, probably behind the firewall, in a public area of your offices.
Make sure you know where every modem, wireless access point, network cable drop and other access point for your network is. Set and enforce a policy regarding remote access software on company workstations.