| Designing Access Controls |
| Choose the Access Control Methods |
| If your environment cannot support either 802.1X or WPA/WPA2, you can |
| implement static WEP. However, static WEP is seriously flawed and not |
| recommended. |
|
|
N o t e | The guidelines above were formulated under the assumption that you have |
| control over the equipment that accesses your private wireless zone. If your |
| organization allows employees to bring their own equipment, you must do |
| some extra work to ensure that this equipment meets the standards for your |
| wireless zone. |
|
|
Vulnerability and Risk Tolerance
How vulnerable is the network? How much risk can your company tolerate?
Your network contains sensitive data, which makes it an inviting target for hackers. In your needs assessment, you evaluated your company’s risk toler- ance. Essentially, you determined the consequences to your company if your security were breached and data were stolen or damaged.
As mentioned before, it is difficult to estimate the exact amount of money your company could lose if such a breach occurred. However, the loss of revenue could be substantial. For example, your company might be legally liable so you would need to consult a lawyer to gauge those potential costs. In addition, you company would undoubtedly lose some
If your company has a low risk
Companies today, however, rarely have a medium or high risk tolerance. Because companies rely on their networks for nearly every business function, they must take every step to protect the private zones on their networks with the highest security
