Avoid Using MAC Filtering for Wireless Access Control
Do not use MAC address filtering to control devices connecting to your wireless network.
Plain language
The control advises against using MAC address filtering to decide which devices can connect to your wireless network. This is crucial because MAC addresses can be easily faked, meaning someone with the right skills could pretend to be an authorised device and gain access to your network, potentially compromising your security.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
NC, OS, P, S, TS
ISM last updated
Aug 2018
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Guideline
Guidelines for networking
Section
Wireless networks
Official control statement
MAC address filtering is not used to restrict which devices can connect to wireless networks.
Why it matters
Relying on MAC filtering can permit unauthorised wireless access, as attackers can easily spoof permitted MAC addresses.
Operational notes
Verify WLAN configs have MAC filtering disabled; enforce WPA2/3-Enterprise with 802.1X, and review settings after changes.
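The check in the operational note can be automated. The sketch below is an added example, not part of the ISM or the original page. It assumes the access point runs hostapd, and both sample configurations are constructed.

```python
"""Audit a hostapd-style AP config for MAC filtering and 802.1X (added example)."""

# Constructed sample configs; hostapd as the AP software is an assumption.
WEAK_CONF = """\
ssid=corp-wifi
macaddr_acl=1
accept_mac_file=/etc/hostapd/accept.list
wpa=2
wpa_key_mgmt=WPA-PSK
"""

HARDENED_CONF = """\
ssid=corp-wifi
macaddr_acl=0
ieee8021x=1
wpa=2
wpa_key_mgmt=WPA-EAP
"""


def parse(conf_text):
    """Return key/value settings; hostapd comments are whole lines starting with #."""
    settings = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings


def audit(conf_text):
    """Return a list of findings; an empty list means the config passes."""
    s = parse(conf_text)
    findings = []
    # macaddr_acl: 0 = accept unless denied (default), 1 = allow-list, 2 = RADIUS MAC ACL
    if s.get("macaddr_acl", "0") != "0":
        findings.append("mac-filtering-enabled")
    # 802.1X must be switched on explicitly
    if s.get("ieee8021x", "0") != "1":
        findings.append("802.1x-disabled")
    # Every key management suite must be an EAP (Enterprise) suite, not PSK or SAE
    key_mgmt = s.get("wpa_key_mgmt", "").split()
    if not key_mgmt or not all("EAP" in suite for suite in key_mgmt):
        findings.append("not-enterprise-key-mgmt")
    return findings


if __name__ == "__main__":
    print(audit(WEAK_CONF), audit(HARDENED_CONF))
```

Running the audit after each configuration change gives a repeatable record for the settings review described in this control.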
Implementation tips
- Business owners should evaluate alternative ways to control access to the wireless network, like using strong passwords and advanced encryption. This can be done by consulting with a trusted IT professional to set up these safer measures.
- The IT team should disable the MAC filtering feature on the wireless router's settings. They can access the router's admin interface and find the option to turn off MAC address filtering, usually under the security or access control settings.
- IT administrators should implement WPA3 encryption on the wireless network to ensure more secure access. This involves updating the network settings on the router to enable WPA3 if supported, or at least WPA2 if WPA3 is unavailable.
- Managers should educate staff about the importance of using strong and unique passwords for connecting to the wireless network. They can conduct a quick training session and share guidelines on creating strong passwords.
- Business owners should set up regular reviews of wireless network security settings. This can be achieved by scheduling periodic meetings with the IT team to review and update wireless security configurations, ensuring only the latest secure methods are used.
Audit / evidence tips
- Ask for the router's configuration documentation: Request a printout or screenshot of the router settings showing disabled MAC filtering
  Good: shows MAC filtering clearly marked as 'disabled'
- Ask for a security policy document: Request the document detailing why MAC filtering is not used in the network
  Good: explains the vulnerabilities of MAC filtering and the chosen alternative security measures
- Ask for meeting notes on security reviews: Request documentation from the latest wireless security review meeting
  Good: includes notes showing MAC filtering review and alternative measures considered
- Ask to see staff training records: Request evidence of training sessions on secure wireless practices
  Good: includes a list of attendees and the topics covered about secure network access
- Ask for a list of authorised devices: Request a list of devices that have been given access to the wireless network through secure methods
  Good: shows device authorisation being managed through secure, alternative methods, not MAC addresses
Cross-framework mappings
How ISM-1320 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| Partially meets (1) | | |
| Annex A 8.20 | ISM-1320 requires that MAC address filtering is not used to restrict which devices can connect to wireless networks, because it is not an... | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.