• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Dear Journal and the Misconfigured Access Points

June 6, 2018 By Milena Babayev

dear-journal-misconfigured-access-points
Dear Journal,

Flight to Spain from London was a short one. My owner made a friend on the flight and I stayed powered off during the entire 2-hour and 25-minute duration. Ibiza, pronounced ‘Ee-bee-tha’, attracts nearly six million tourists a year. Not bad for 571 square kilometers (220 square miles) island with a population of around 150,000 people.

From the plane, we headed straight into our meeting. Today, we are getting together with Santiago Garcia, Head of IT at Ibiza Tech Consulting to ensure they have no misconfigured access points, and Wireless Intrusion Prevention System (WIPS) is enabled within the Wi-Fi Cloud. Deploying access points without Wi-Fi security best practices in mind can lead to inadvertent misconfigurations, which often lead to security risks.

The most common misconfiguration is leaving access point configurations set to factory defaults, like usernames, passwords, and even SSID (service set identifier). According to Gartner, the majority of wireless LAN security breaches are caused by poorly configured APs. NOT ON OUR WATCH!

We quickly log in to the WatchGuard Wi-Fi Cloud, and go through each AP. We like what we’re seeing! Every AP conforms to the correct security policies.

Overall, their wireless setup looks good, but they are missing one critical aspect of the Wi-Fi Cloud – their WIPS is not yet configured. Wondering what WIPS is all about? WIPS is a term from the Wi-Fi industry that refers to the prevention of wireless threats. The detection and prevention methods vary by Wi-Fi vendor, but WatchGuard WIPS utilizes advanced patented Marker Packet™ technology to:

  • Automatically and accurately identify wireless devices on your network
  • Detect and prevent rogue APs
  • Detect neighboring APs external to your network
  • Detect misconfigured APs

If WIPS had been enabled, we could have easily saved ourselves a trip because WIPS detects any misconfigured APs. But I get it, it’s all about relationship-building! Go Wi-Fi!

Download A Field Guide to Secure Wi-Fi–Observations From Your Laptop eBook and continue with me on my journey around the world. What Wi-Fi threat will we come across next? Stay tuned!

Until next time,

Mac

Share This:

Related

Filed Under: Editorial Articles, Featured Tagged With: secure cloud wi-fi, secure wi-fi, small business, small business wifi, small business wireless, WIPS, Wireless access point, Wireless AP, wireless intrusion prevention system

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use