February 24, 2005

Demand better security from vendors

I was helping a friend this week by checking to see if his wireless network was secure enough. He followed the standard installation and I was surprised at what I saw.

Encryption was not turned on.
MAC addresses were not filtered to only allow certain MAC addresses access.

In essence, anyone within range of his wireless network could access the network without any problems at all. Things need to be secure by default. Have a description during the install that mentions what this setting does and allow the user to make a decision, knowing the consequences of choosing one option or another.

No comments: