S 3.59 Training on the secure use of WLAN

Initiation responsibility: Head of IT, IT Security Officer

Implementation responsibility: IT Security Officer, Head of IT, Administrator

When operating WLAN components, it is necessary to have a wide range of knowledge of the basic methods of operation and of special technical versions, but also of a number of security aspects. For this reason, it is absolutely essential to inform those responsible for the IT as well as the IT Security Management of the basic WLAN principles.

Training administrators

The administrators who operate WLAN components should possess practical knowledge as well as theoretical knowledge. WLAN training courses for administrators should address the following subjects, amongst other things:

• Overview of security aspects for WLANs
  • typical threats
  • SSID, modes of operation, connection establishment, address filtration, prevention of spoofing, MAC address filtration
• Selection of appropriate security mechanisms, authentication, and securing communications
  • WEP, WPA, WPA2, IEEE 802.11i, IEEE 802.1X
  • key management in TKIP, CCMP, etc.
  • authentication mechanisms in the WLAN, for example EAP, RADIUS
  • detecting WLANs
• Security safeguards for WLAN operation
  • security-relevant Bluetooth configuration parameters
  • system management
  • network analysis programs and wireless intrusion detection systems
  • VPNs for WLANs, IPSec, DHCP
  • interaction of WLANs with security gateways
  • securing WLAN components against unauthorised access

Training users

The users of WLAN components, especially of WLAN clients, must be trained as well. During training, the users should become familiar with the method of operation and secure operation of the WLAN components. The meanings of the security settings and why they are important must be explained in detail to the users. In addition, they need to be informed of the threats resulting as a consequence of bypassing or disabling these security settings for the sake of convenience or to reduce the number of annoying warning messages. By raising the users' awareness of specific threats, it is possible to achieve proper operation of the WLAN components and security settings.

Training plant security and gatekeepers

Due to the existence of wardriving attacks, the plant security and the gatekeepers should also be sensitised to the risks. The plant security should make sure that no strangers are lingering around the company premises for a long time with a notebook and possibly even a WLAN antenna. Security management must be informed whenever suspicious persons are noticed.

The contents of the training programme must always be adapted according to the corresponding operational scenarios. Training programmes using web-based, interactive programmes in the intranet could also be used for this purpose. In addition to receiving training on WLAN security mechanisms, the employees should also be given a copy of the WLAN security policy of the organisation.

Review questions:

• Has the awareness of the employees and the plant security/gatekeepers for wardriving attacks been raised?