Operations And Maintenance Phase

• Educate Users about the Risks of Wireless Technology

  User awareness is always a critical success factor in effective information security. A good policy is not enough. It is also important to educate all users in following the policy. Best practices or security guidelines should be developed that end users understand and adhere to.

• Keep an Accurate Inventory of All Wireless Devices

An accurate inventory of all authorised wireless devices helps identify rogue access points during security audits. This inventory will also be helpful for a variety of support tasks.

• Publish a Coverage Map of the Wireless Network

Network administrators should develop a coverage map of the wireless network, including locations of respective access points and SSID information. This map is a valuable asset for troubleshooting, or handling a security incident.

• Develop Security Configuration Standards for Access Point

To simplify daily operations and ensure all access points are protected with appropriate measures, it is recommended a baseline security configuration standard for access points be developed. It is not uncommon to see security settings restored to their default factory settings after an access point is reset, which usually occurs when the access point experiences an operational failure. If a baseline security configuration standard is available, appropriate personnel can simply follow the standard settings to re-configure the access point.

• Review Audit Logs Regularly

Regular checking of log records must be performed, to ensure the completeness and integrity of all logs. Any irregularities spotted must be reported and a detailed investigation should be carried out if necessary.

• Develop Incident Response Procedures

It is recommended that administrators develop a set of in-house procedures for incident response, and update these procedures from time to time to address new potential security threats.