The deployment of a wireless network within an organization can introduce additional risk that needs to be properly managed. For example, a guest wireless network that is physically separate from a corporate network could be used to masquerade attacks against other internet hosts, allow attacks against other wireless clients or to access inappropriate internet content.
Furthermore, a corporate wireless network could suffer from weak authentication or be lacking segregation, which could be used by an ex-employees or motivated hackers to penetrate into your internal networks and to launch attacks against organizational assets. With the recent development and vulnerability exploits in the wireless infrastructure, KRACK exploit breaking WPA2 protocol security has raised many serious questions around how secure wireless communication really is.
Effective management of information security risk associated with organizational wireless should ensure a robust and functioning set of controls, including patch, configuration and vulnerability management of wireless access points, wireless LAN controllers, strong network architecture, robust authentication mechanisms and useful protective monitoring. Wireless security testing is conducted by both the RED team (in terms of penetrating the wireless infrastructure) and BLUE team (in terms of reviewing the security architecture, wireless network segmentation, configuration review of the wireless LAN controllers.
Whether associated with a sweep for unauthorized wireless deployments, an audit of a Guest or Bring Your Own Device (BYOD) Wi-Fi implementation or a full assessment of an enterprise grade wireless network access deployment our wireless testing service shall determine whether effective controls are implemented and operating properly. Our team has the equipment and capability to assess the complete and up-to-date range of wireless bands and technologies.
Using a team that comprises experienced penetration testers and wireless security experts and following formal methodologies, DTS will assess a wireless network’s security controls for vulnerabilities and weaknesses across the stack and deliver a detailed report.
The output of the exercise shall position the effectiveness of security associated with the wireless network against best practice and provide a detailed set of issues alongside pragmatic remedial activities that can be used to make improvements to Wi-Fi information security.