The access to private wireless networks must be restricted through user credentials and authorized MAC addresses.
When the restriction access through user credentials and MAC addresses is applied, it helps to protect against various Wi-Fi attacks, such as unauthorized access, on-path and rogue devices within the wireless range. By allowing only specific MAC addresses and access with proper credentials, the network administrator can control which devices are permitted to connect.
This requirement is verified in following services
- CIS-13_9. Deploy port-level access control
- SOC2®-CC6_6. Logical and physical access controls
- NIST Framework-PR_AC-5. Network integrity is protected
- NY SHIELD Act-5575_B_6. Personal and private information
- PA-DSS-6_1. The wireless technology must be implemented securely
- PA-DSS-6_2. For wireless technology, implement strong encryption for authentication and transmission
- CMMC-AC_L2-3_1_12. Control remote access
- CMMC-AC_L2-3_1_16. Wireless access authorization
- CMMC-AC_L2-3_1_17. Wireless access protection
- CMMC-CM_L2-3_4_5. Access restrictions for change
- CMMC-SC_L1-3_13_1. Boundary protection
- HITRUST CSF-01_i. Policy on the use of network services
- HITRUST CSF-09_m. Network controls
- ISO/IEC 27002-8_21. Security of network services
- ISA/IEC 62443-IAC-1_6. Wireless access management
- ISA/IEC 62443-UC-2_2. Wireless use control
- ISSAF-G_14. Network security - Firewalls (countermeasures)
- ISSAF-L_3_1. Network security - WLAN security (types of threats)
- NIST 800-171-1_16. Authorize wireless access prior to allowing such connections
- NIST 800-115-4_4_1. Passive wireless scanning
- C2M2-9_2_c. Implement network protections for cybersecurity architecture
- PCI DSS-2_3_1. Wireless environments are configured and managed securely
- PCI DSS-9_2_3. Physical access controls manage entry into systems containing data
- SIG Lite-SL_148. Is there a process that requires security approval to allow external networks to connect to the company network, and enforces the least privilege necessary?
- CAPEC™-700. Network Boundary Bridging
- ISO/IEC 27001-8_21. Security of network services
Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.