|
|
Programming Help |
Homework Help |
Counseling Astrology Advice | Tarot Advice | Parenting Dating Advice | Love Advice | Divorce Advice Legal Advice | Debt Advice | Career Advice W IRELESS N ETWORK S ECURITY 4-21 Table 4-5. Bluetooth Security Checklist Checklist Security Recommendation Best Practice Should Consider Status Management Recommendations 1 Develop an agency security policy that addresses the use of wireless technology including Bluetooth technology. ! 2 Ensure that users on the network are fully trained in computer security awareness and the risks associated with wireless technology (i.e., Bluetooth). ! 3 Perform a risk assessment to understand the value of the assets in the agency that need protection. ! 4 Perform comprehensive security assessments at regular intervals to fully understand the wireless network security posture. ! 5 Ensure that the wireless "network" is fully understood. With piconets forming scatter-nets with possible connections to 802.11 networks and connections to both wired and wireless wide area networks, an agency must understand the overall connectivity. Note: a device may contain various wireless technologies and interfaces. ! 6 Ensure external boundary protection is in place around the perimeter of the building or buildings of the agency. ! 7 Deploy physical access controls to the building and other secure areas (e.g., photo ID, card badge readers). ! 8 Ensure that handheld or small Bluetooth devices are protected from theft. ! 9 Ensure that Bluetooth devices are turned off during all hours when they are not used. ! 10 Take a complete inventory of all Bluetooth-enabled wireless devices. ! 11 Study and understand all planned Bluetooth-enabled devices to understand any security idiosyncrasies or inadequacies. ! Technical Recommendations 12 Change the default settings of the Bluetooth device to reflect the agency's security policy. ! 13 Set Bluetooth devices to the lowest necessary and sufficient power level so that transmissions remain within the secure perimeter of the agency. ! 14 Ensure that the Bluetooth "bonding" environment is secure from eavesdroppers (i.e., the environment has been visually inspected for possible adversaries before the initialization procedures during which key exchanges occur). ! 15 Choose PIN codes that are sufficiently random and avoid all weak PINs. ! 16 Choose PIN codes that are sufficiently long (maximal length if possible). ! 17 Ensure that no Bluetooth device is defaulting to the zero PIN. ! 18 Configure Bluetooth devices to delete PINs after initialization to ensure that PIN entry is required every time and that the PINs are not stored in memory after power removal. ! |
Find more freelance jobs
|
