What is a Wireless security assessment?
Wireless security testing is the process of identifying and exploiting vulnerabilities within wireless networks which are in use by your organisation. Exploitation can allow access to internal network systems and services leading to the exposure of sensitive information or direct access to user workstations or business critical devices.
Why Conduct A Wireless Security Assessment?
Wireless networks are often compromised, not through targeted and determined attacks, but as a crime of opportunity based upon the weakest implementation identified.
A method often referred to as “Wardriving” is when an attacker will drive around an area monitoring and capturing wireless data. After reviewing their findings, they will then pick the easiest, least secure network to access.
Weak encryption standards, insecurely configured network segmentation or individual devices connected to multiple networks are a number of ways in which a wireless network may present a security risk to your organisation.
Any wireless network which is utilised by your organisation could create a potential remote access point for an attacker to access your company resources and should be an important consideration for any security assessment.
As part of our approach, our Penetration Testers use a combination of the most effective automated tools and manual exploitation techniques to identify vulnerabilities across your wireless SSID’s.
Our extensive reports provide a thorough assessment of each vulnerability and provide business context alongside each finding. This is supplemented by technical and non-technical descriptions including evidence of exploitation to assist in prompt remediation activities and provide a thorough understanding of each issue.
A Wireless Assessment and report will allow your business to:
- Receive assurance around your organisation’s wireless security posture
- Understand each risk which may be present within your current wireless implementation
- Make ongoing improvements to your wireless security via specialist support, advice and consultancy.
- Gain access to a dedicated team of specialist CREST Registered penetration testers who use the latest tools and techniques to accurately assess and identify emerging threats
+ Q: Why do I need a Wireless Security Assessment?
Wireless networks can present a method of remotely accessing your company network and assets, which can be convenient for your staff members, but is also convenient for an attacker.
Whether a wireless network is configured to be visible or hidden it can still be found by someone who wishes to gain access and ensuring a securely configured wireless network should be an important consideration for any organisation.
+ Q: Which Wireless Networks should be tested?
Any wireless network which connects directly to an internal company network should be a direct consideration for any security assessment as its compromise could provide direct access to systems, services and data which is considered to be business critical.
Additionally, any Guest or Internet only networks should also be a consideration for assessment, to ensure segmentation from the corporate network is implemented as intended. Also, if staff members utilise these networks at various points during the day it could expose company devices to attack.
+ Q: What will I receive after the test has been completed?
The deliverable from any Wireless Assessment is a complete report, detailing and contextualising each identified vulnerability against your business and relaying the risks that each issue poses to your systems and services.
The report provides a complete description of what each identified issue is, specific remediation advice on how to address the issue, and detailed evidence, wherever necessary to verify the issues impact.