GAO: Wireless security ignored by agencies
- By William Jackson
- Jun 03, 2005
More than two years after the National Institute of Standards and Technology warned of the security risks posed by wireless networks, a new study shows that government agencies have done little to improve wireless security.
'Despite the risks associated with wireless networks, federal agencies have not fully implemented key controls for securing these networks,' the Government Accountability Office concluded in a report released late last month.
GAO recommended that the Office of Management and Budget require agencies to incorporate wireless security into their information security programs under the Federal Information Security Management Act.
Among GAO's findings at 24 executive branch agencies: Nine agencies have no policies on wireless networks, 13 have no configuration requirements for wireless equipment, 14 do not monitor to ensure compliance with wireless policies and 18 have no wireless security training programs.
To read the GAO report, go to www.gcn.com
and enter 426 in the GCN.com/box.
William Jackson is a senior writer of GCN and the author of the CyberEye blog.