Rather than implement a clever knocking sequence to activate an access point, a simpler / cheaper method would be to plug the access point into a timeswitch. Unless the security audits are carried out (say) between 4pm on a Friday and 9am on a Monday, there’s no access point to detect. (The timeswitch is more noticeable on a physical inspection, however).

As well as Bluetooth, consider also the possibilities for networking opened up by mobile phones / GM GSM devices: worldwide accessibility, difficulty distinguishing between legitimate and illegitimate radio traffic, and network access only on demand.