Wireless tip: Don't hide from risk

The best wireless network security is to not have a wireless network, according to Defense and intelligence experts who spoke today at a conference in Washington, D.C., sponsored by E-Gov, which is part of FCW Media Group.

But because that is not always a practical solution, they offered other tips to keep intruders out of the network and to keep data safe.

Perhaps the most important safety precaution is acknowledging the risk, said Kevin Marlowe, acting director of systems network engineering at the Joint Systems Integration Command, a subcommand of the U.S. Joint Forces Command.

"Calculate the risk, figure out whether you can accept that risk and mitigate it," he said.

"Risk doesn't have to be zero for us to use a product," said Timothy Havighurst, a systems architect at the National Security Agency. "Sometimes the convenience of these systems outweighs the risks."

No wireless device or network can ever be completely secure, said Atul Prakash, a professor at the University of Michigan's electrical engineering and computer sciences division.

Ask a vendor representative if a product is completely secure, he said. "If they say yes, you're probably talking to a marketing guy or a salesman," he said. "If you're talking to a security expert, they will hedge."

Agency officials must deal with the real world of commercial technology, Havighurst added. "Soon you will not be able to buy a laptop without" wireless connectivity, he said. "Soon you will not be able to buy a [wireless] phone without a camera. These are things we disallow, but industry is moving on."

Agency employees sometimes push their bosses to move faster in technology adoption, he said. When managers set a policy forbidding some wireless devices, employees will often argue that operational need justifies changing the rules.

"Sometimes those are legitimate reasons," Havighurst said. "Sometimes they're not. Sometimes they just want something because it's really cool."

Marlowe offered a list of tips for making wireless networks safer, including:

Change factory settings in the routers. Hackers know the common default passwords and other information that makes intrusion easy if they're not changed.

Enable the router's session timeout feature so that if no data passes through it after a set period of time, it shuts down.

Set routers to the lowest feasible power, so they keep the network devices connected without opening the door wider than necessary.

Featured

  • Defense
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    DOD CIO hits pause on JEDI cloud acquisition

    Dana Deasy set cloud as his office's top priority. But when it comes to the JEDI request for proposal, he's directed staff to "pause" to compile a comprehensive review.

  • Cybersecurity
    By Gorodenkoff shutterstock ID 761940757

    Waging cyber war without a rulebook

    As the U.S. looks to go on the offense in the cyber domain, critical questions remain unanswered around who will take the lead and how clearly to draw the rules of engagement.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Deadline extended for Rising Star nominations

    You now have until July 18 to help us identify the early-career innovators and change agents in government IT.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.