With the growing usage of WLANs, e.g. in a business environment, the danger of unethical data capturing increases significantly. The WLAN security threats are listed below.Setting up a rogue access pointA rogue access point (AP) is a unknown wireless AP that has been installed on the secured network without any authorization from the administrator. The rogue AP is usually set up on a business or a government network by a mean attacker. The intention of hacker is usually breaking the organization for his/her own benefits. This is a common security threat that’s often used by attackers to trick businesses into believing that they are connecting to a right AP. In reality, tricked people are falling into a trap that has been set up by a hacker to capture confidential data from the company.To prevent this, companies can install WIPS (Wireless intrusion prevention system) to monitor the radio waves of unauthorized APs, and take appropriate actions.Evil twin access pointsA rogue access point can easily announce the same SSID (Service Set Identifier; network name) as that of a valid AP. It can easily cheat WiFi users to connect to them because they can’t recognize correct AP. It is not very difficult to create an evil twin AP for mean aims. Some tools have made this like a child’s play. It allows people to fake APs, capture passwords, collect data and hold browser-based attacks against clients.Server authentication is the only way to defense against this threat.Stolen or lost WiFi device threatsThis is a lesser known threat and it is ignored by the most. People might have locked their business WiFi with the most powerful security, but there will be a big problem when they lose the device with which they used to get onto the same network.It can be a smartphone, a laptop, a tablet or even a PC. Whoever take over the device, will be in a position to access the network based on the saved data on the device, (if he/she’s able to break the password of the device itself). So, ff there’s no password, it gets a lot easier. People can easily see that this is a big problem.To prevent this, person who lose a device connected to business network, should try to remotely lock or wipe out the device as soon as it is possible. It is also necessary to change all WiFi passwords in the business network as soon as the loss is noticed.Configuration issuesConfiguration issues often lead up to vulnerabilities, and may go to make significant security threat on business WiFi. Such issues usually come up when standalone APs were managed by individuals. These days, the problem is moderate to some degree of control, thanks to the more centrally-managed WLAN. A few benefits of these are: improved reliability and lower risk.It is not allowed to use individually-managed APs in the business network.The age-old WPS threat vectorWPS or WiFi protected setup was mainly deployed to make easier for users to secure their router from major security threats at the simplest way: just click of a button or enter a PIN. Unfortunately, WPS security had several loopholes that were easily found out mostly by the cheaters.These loopholes were discovered a few years ago. On this account most of credible vendors have patched this up in the best possible manner. There is no certainty that everyone did it. Prevention of this threat is simple: turn the WPS off.