… then it’s unmanaged and open to exploit. As happened with a customer in mid-2004.
“We’re detected a wireless router plugged into the customers network, what do you want me to do?”
Wait 5 while I see if it’s authorised… (it’s not)
‘Unplug that sucker!’
Customer complaint rolls in, with justification as follows:
- It’s an executive PA who’s using the link
- We’re using strong encryption (they were not, it was WEP)
- We keep the encryption key closely guarded.
In the rush to fix an Executive PA’s LAN link, the customer broke their own security model.
With the backing of the customer’s security group, we said “It’s not being connected again.”
And the original problem was fixed next day.