T5.4.7 - WIRELESS ACCESS Implementation Guidance

Back to T5.4.7 - P2 - WIRELESS ACCESS

Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication.

Authentication controls should be implemented to control access to wireless networks. In particular, special care is needed in the selection of controls for wireless networks due to the greater opportunities for undetected interception and insertion of network traffic.

Entities should consider a number of actions to limit unauthorized use of wireless communications outside its boundaries include, for example:

• Reducing the power of wireless transmissions so that the transmissions are less likely to emit a signal that can be used by adversaries outside of the physical perimeters of organizations

• Employing measures such as TEMPEST to control wireless emanations

• Using directional/beam forming antennas that reduce the likelihood that unintended receivers will be able to intercept signals

Prior to taking such actions, entities can conduct periodic wireless surveys to understand the radio frequency profile of its information systems as well as other systems that may be operating in the area.

Back to T5.4.7 - P2 - WIRELESS ACCESS