They might be surprised, says Meta Group Senior Research Analyst ChrisKozup in Burlingame, Calif. "I've had customers who've done this, andone CIO found 27 rogue access points. That's just one example," hesays. And that's just access points, each of which typically has 10users.

Not only can an audit for WLANs help locate rogue installations, itcan determine how far the WLAN signal is transmitting. Into thehallways? Out in the parking lot? Down the street? If the signal isstronger than it needs to be, the amplification level often can beturned down, or the device can at least be placed away from a window(which doesn't block a wireless signal as well as a wall).

Beyond that, CIOs have five main options in deciding what to do aboutthese WLANs, depending on the sensitivity of the data and how thewireless devices are used.

1 Make the best of what'sthere.

Even though the security built into 802.11b devices is flawed, it'sbetter than nothing. Simply enabling WEP can go a long way toimproving security. Companies that are relying on WEP for keeping outsnoopers will also need strict policies to make sure the key getschanged daily - at the minimum.