Assessment of NRC’s Wireless Devices
Report Information
Recommendations
Install tamper-evident systems on SLES wireless and wired clients (such as tamper-evident tape on the wireless client external case, the non-volatile random access memory (NVRAM) battery, and the solid-state drive) to enhance detection of unauthorized access to internal components; and perform periodic checks to ensure the tamper-evident systems have not been disturbed.
Conduct a system engineering trade study to determine the feasibility of installing drive encryption software on SLES wired and wireless clients for operating system and file protection, and implement drive encryption if justified by the trade study.
Disable auto-run on all SLES wireless clients for administrator and user accounts.
Use administrative passwords for SLES wireless clients that are at least 15 characters long, or configure the Windows XP Embedded operating system on the wireless client to prevent storage of LAN Manager hash password values in the security accounts manager database.
Deploy an improved detection and reporting process for unauthorized connections to SLES wireless access points and internal scanning activity on SLES.
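One way to verify the auto-run and LAN Manager hash recommendations above on a client is to audit a `reg export` text dump. This is an added example, not part of the report. It assumes the standard Windows values `NoDriveTypeAutoRun` and `NoLMHash`, checks only the machine-wide (HKEY_LOCAL_MACHINE) policy, and uses a constructed sample dump; the function names are hypothetical.

```python
import re

# Constructed sample in `reg export` text format (not taken from the report).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"NoLMHash"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
'''

LSA = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa"
EXPLORER = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows"
            r"\CurrentVersion\Policies\Explorer")


def parse_reg(text):
    """Return {key_path_lower: {value_name_lower: int}} for dword values."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'"([^"]+)"=dword:([0-9a-fA-F]{8})$', line)
            if m:
                current[m.group(1).lower()] = int(m.group(2), 16)
    return keys


def audit(text, admin_password_length):
    """Return a list of findings; an empty list means both checks pass."""
    keys = parse_reg(text)
    findings = []
    # 0xFF disables auto-run on every drive type. A missing value means the
    # OS default applies, which leaves some drive types enabled.
    autorun = keys.get(EXPLORER.lower(), {}).get("nodrivetypeautorun")
    if autorun != 0xFF:
        findings.append("autorun-not-disabled-on-all-drives")
    # Either control satisfies the recommendation: NoLMHash=1, or a password
    # of 15+ characters (too long for an LM hash to be computed).
    no_lm = keys.get(LSA.lower(), {}).get("nolmhash") == 1
    if not (no_lm or admin_password_length >= 15):
        findings.append("lm-hash-may-be-stored")
    return findings
```

Setting `NoLMHash` does not remove hashes already stored; an existing LM hash is cleared only when that account's password is next changed, so a passing check should be followed by a password change on the administrative accounts.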