Security Risks for Mobile Computing on Public WLANs: Hotspot Registration
by Simon Ford - International Director at NCP Engineering - Monday, 25 August 2008.
Inspection of security-relevant parameters

An additional important component of the implementation of company wide security directives for mobile computing on hotspots is central management of client software. With central security management, the administrator also fundamentally determines the client’s firewall rules. It can enforce adherence in which the user allows no on-site possibility of an intended or unintended change. Additionally, further security-relevant parameters such as the status of virus protection programs, operating system patch status, and software release of the VPN client must be inspected upon connection to the company network. Access to the productive network is only authorized after the clearance of all security risks.

Bottom Line

A prerequisite for secure remote access in WLANs is end-to-end security, with dynamic interlocking security technology. The use of a VPN client with an integrated, intelligent personal firewall and strong user authentication is state of the art in this scenario. The firewall rules must automatically adapt to registering onto and logging off of the hotspot, and they must be inspected within the framework of an integrated endpoint security system with each connection. Only in this way can administrators and users be consistently sure that they are securely sealing off terminal devices and data, and signing off the company network.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th