Security Risks for Mobile Computing on Public WLANs: Hotspot Registration
by Simon Ford - International Director at NCP Engineering - Monday, 25 August 2008.
Inspection of security-relevant parameters

An additional important component of the implementation of company wide security directives for mobile computing on hotspots is central management of client software. With central security management, the administrator also fundamentally determines the client’s firewall rules. It can enforce adherence in which the user allows no on-site possibility of an intended or unintended change. Additionally, further security-relevant parameters such as the status of virus protection programs, operating system patch status, and software release of the VPN client must be inspected upon connection to the company network. Access to the productive network is only authorized after the clearance of all security risks.

Bottom Line

A prerequisite for secure remote access in WLANs is end-to-end security, with dynamic interlocking security technology. The use of a VPN client with an integrated, intelligent personal firewall and strong user authentication is state of the art in this scenario. The firewall rules must automatically adapt to registering onto and logging off of the hotspot, and they must be inspected within the framework of an integrated endpoint security system with each connection. Only in this way can administrators and users be consistently sure that they are securely sealing off terminal devices and data, and signing off the company network.


More than 900 embedded devices share hard-coded certs, SSH host keys

SEC Consult analyzed firmware images of more than 4000 embedded devices of over 70 vendors and found that, in some cases, there are nearly half a million devices on the web using the same certificate.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Nov 30th