Wireless Audits are performed to document the use of wireless technology at a given facility to ensure compliance with a company’s policy and known wireless networks. BYOD (bring your own device) policies allow employees and contractors to bring their own mobile devices into the workplace, and many of these mobile devices such as smart phones and tablets can create their own hotspot. When a user turns on their hotspot on their device, and then connects that device to their laptop or corporate network, they are creating a bypass route for Internet traffic to pass unfiltered around the corporate firewall and directly into corporate assets.
We have found that SCADA and Industrial Control System operators are also connecting their smart phones and tablets to their control system workstations to charge their devices or synch data with them, and in the meantime, they are unaware that they may be bridging the Internet directly into the plant control networks.
To further complicate things, control system vendors are building WiFi, Bluetooth, WirelessHART, ISA100, and Zigbee wireless technologies directly into their products. Often the vendors and the users of these industrial wireless systems are not aware of how to deploy these industrial wireless systems in a secure manner. This adds additional operational risk to the plant control networks.
It is a good practice to routinely perform wireless audits to scan, identify, and log the use of wireless technologies in place at a corporate or industrial facility. Since industrial plant equipment utilize more than just the WiFi frequencies, it is important to ensure that wireless audits include: 802.11 a/b/g/n, Bluetooth, Zigbee, and the 900 MHz spread spectrum frequency ranges.