Wireless Network Security Best Practices



476250-285750Wireless Network Security Best PracticesIntroductionThe increasing adoption of electronic medical records means that many practices are implementing wireless network and using them to access confidential patient information. Wireless networks provide many benefits over wired networks for the use of EHR systems. These include the ability of a practitioner or nurse to move about the facility with a laptop or tablet and access the system without plugging into a network cable, deployment of PCs and laptops without additional wiring of the facility, and the ability to connect smart phones and tablets to the network.Wireless networks however, bring with them multiple risks that traditional wired networks do not. These risks must be considered when implementing a wireless network and additional security controls should be put in place to address these risks. This document outlines what risks are associated with wireless networks and the best practices for addressing them.RisksThe risks associated with wireless networks include:No physical proximity requirement for connecting to network - Whereas traditional wired networks require physical access to the building or suite to attack the network, with a wireless network an attacker can attack the network from outside the walls of the office. Because of this, an attacker could attack a network and remain undetected for an extended period of time.Sniffing – Sniffing is the process of collecting and viewing network traffic from other devices connected to the network. If a wireless network does not utilize encryption, traffic from all devices can be easily viewable to an attacker. If a wireless network uses weak encryption (WEP) or weak keys, an attacker can use simple tools to derive the encryption key and decrypt the traffic so that it can be viewed.While the connection between the devices and the EHR system may be encrypted using application-level encryption, sniffing is a risk for a number of reasons including:Password reuse – if users reuse their EHR password on other less-secure sites that do not use encryption, an attacker can retrieve those passwords and attempt to use them against the EHR system.Unencrypted PHI –PHI that is not contained within the EHR may pass over the network. This may include email, Word documents, Excel spreadsheets, or instant messaging. These messages could be intercepted by an attacker.Password attacks – Wireless networks that rely on a single wireless key are subject to an attacker running a brute force or rainbow table attack against the network key. This means that the attacker runs a program that attempts to use every possible variation of numbers, letters, and symbols to guess the wireless key. With increasing CPU capabilities, computers are able to perform this task at increasingly high rates.Rogue Access Point – Rogue access points can be:An unauthorized access point connected to the wireless network – If an access point is connected to the wireless network and does not meet the company’s policies regarding security configuration, logging, and auditing, it can open the network up to all of the risks associated with wireless networks.An access point that appears to be on the network but isn’t – An attacker may setup an access point with a name that sounds like it belongs to the company, but isn’t. This could be used to trick the employees into connecting to this rogue access point. At this point, internet traffic could be intercepted and used to gain information on accessing the secure network.Best Practices for Securing a Wireless NetworkThere are a number of standard techniques for securing a wireless network. While no single item on this list will provide strong security by itself, by employing a number of these techniques, a wireless network can be made to be difficult to breach.While all of these items help increase the security of the wireless network a network administrator should evaluate each one to determine which make sense and are reasonable in a given environment.Technical ControlsSelect the correct wireless access point – There are many brands and models of access points available. When selecting a wireless access point (WAP), consider the following:Signal Strength – Consider how much area the access point needs to cover. It is best to cover the area required, but not more. This reduces exposure to attackers gaining access to the wireless network from outside the building or suite. In some situations, it may make sense to purchase a larger number of WAPs that have weaker signal than fewer ones with strong signals. With some WAPs you are also able to configure the strength of the signal. This is helpful because after you install the WAP, you can configure it so that it reaches all required areas but no more.Logging/Monitoring – Logging and monitoring are key elements of security. If you do not have visibility into what is occurring on your network, you are not able to detect unauthorized activity. Ensure that you purchase a device that can log activity such as: failed connection attempts, successful connections, MAC address conflicts. If your network has an existing log-management system, ensure that the device uses a compatible protocol such as SNMP.Encryption – The current standard for wireless encryption is WPA2. Ensure that your device supports the current standards for encryption.Private and Public Networks – If you wish to have the ability for staff or patients to connect personal devices to the network, purchase a device that has the ability to create multiple networks for private and public devices.Plenum-rating – If the device is going to be placed in the plenum area (the area between the ceiling tiles and the actual ceiling), ensure that the device is rated for plenum. This will help ensure that you are meeting fire code.PoE (Power-over-ethernet) – If you are going to be using PoE to power the device, ensure that it has PoE capability.Strong encryption – All wireless networks should utilize encryption. Beyond simply having encryption enabled, one should also ensure that a strong encryption algorithm is used such as WPA-AES or WPA2. WEP is an older form of encryption and should not be used. WEP has known vulnerabilities that can make it easy for an attacker to infer the network key.Secure authentication – Many wireless networks use a simple Pre-Shared Key (PSK) to authenticate the devices. WPA2 provides the ability to use certificate-based authentication or user-specific authentication through Extensible Authentication Protocol (EAP). The use of certificates allows for strong authentication that is not subject to password-guessing attacks such as brute force and rainbow tables. Alternatively, by integrating with a directory such as Active Directory or a RADIUS server, user-specific authentication can allow the wireless network to be made available to only certain individuals and to log connections at the individual level as opposed to the device level.Strong wireless key – If the network is using a Pre-shared key, ensure that it is long in length and complex.Logging and Monitoring – While the above controls are all preventative, it is important to also take steps to detect unauthorized activity. Logging should be enabled on the WAP and some form of monitoring, alerting, or regular log review should be in place. Alerting can include alerts for new devices on the network, failed connection attempts, or other abnormal activity. Monitoring can include monitoring the availability of the network, detecting new wireless networks that may be the result of rogue access points, number of devices connected to the network or bandwidth usage.Change default device passwords – All default passwords such as the administrator password of the device should be changed to a strong password that is known to only required individuals.SSID hiding – By hiding the network name or SSID, the wireless network will not show up on most devices when scanning for wireless networks, thereby reducing the risk of the network being attacked. This provides only limited protection, though, as most “sniffing” tools will be able to detect networks even if the SSID is hidden.MAC Address filtering –Every network card has a unique address called a MAC address. Most wireless access points have the ability to restrict access to only certain MAC addresses. By doing this, you can limit the ability of unauthorized devices to connect to the network even if the person knows the wireless key. This technique provides only limited protection as well, because an attacker can sniff the MAC addresses of devices connected to the network and change their own address to mimic one of these devices.Administrative ControlsAdministrative controls include policies and procedures that should be in place and work together with the technical controls. These include:Wireless Communication Policy – This policy outlines appropriate and inappropriate use of wireless technologies and networks. This may include security standards for wireless networks and policies with regards to who is authorized to make changes to the wireless network. It may also include standards for devices that are allowed to connect to the network; examples may be that all devices may be required to be corporate devices with the latest security updates, firewall, anti-virus, or other security configuration.Wireless Network Monitoring and Audit Policy – This policy will drive what is monitored in regards to wireless networks and what types of audits will take place. Audits can include, but are not limited to: wireless network audit (a walk around the building to detect all available wireless networks), wireless network device inventory including both WAPs and wireless-enabled laptops, tablets, smartphones, etc. A walkthrough can also be used to detect dead spots in the building.Device Inventory - An inventory of all authorized WAPs and devices should be maintained. This can be used during the periodic audits to ensure that no unauthorized devices are connected to the network.Physical ControlsThe following physical controls should be considered to help protect your wireless network:Signal footprint – As described above when thinking about signal strength, you should also consider the footprint when placing your device. It is often best to place the device near the center of the building or area requiring coverage to prevent “leakage” of signal outside the building.Physical access control – The WAP should be placed in a location where it is not accessible by unauthorized individuals. This will prevent tampering of the device.ConclusionWireless networks present a number of risks that do not exist with traditional networks and implementing wireless networks for the purpose of transferring sensitive patient information only increases these risks. However, by selecting reasonable and appropriate administrative, technical, and physical controls the risks associated with wireless networks can be properly mitigated to the extent that the information can be deemed to be reasonably secure.Updates to DocumentDateUserSectionContentVersion9/23/2011CoPAllDocument Creationv1.0 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download