StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Wireless Security Policy - Assignment Example

Cite this document
Summary
A wireless network may be described as the wireless connectivity of computer networks generally using, but not limited to, radio waves. The connectivity links business enterprises, telecommunication networks and homes while avoiding the costly and labor intensive cabling infrastructures (NIST, 2003)…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.6% of users find it useful
Wireless Security Policy
Read Text Preview

Extract of sample "Wireless Security Policy"

? Wireless Security Policy Wireless Security Policy Wireless Security Policy A wireless network may be described as the wireless connectivity of computer networks generally using, but not limited to, radio waves. The connectivity links business enterprises, telecommunication networks and homes while avoiding the costly and labor intensive cabling infrastructures (NIST, 2003). The implementation and administration of radio communication in the wireless networks occurs at the physical layer of the Open Systems Interconnection, or OSI, model (Rus & Donohue, 2010). This paper will address a wireless security policy for a medium sized banking organization, highlighting the policy overview, purpose, scope, applicability and security requirements. It will also address wireless network requirements, device requirements, standards supported by the organization, ethical guidelines and policy enforcement. Wireless Security Policy Overview Wireless networks occur in various forms, which are wireless PAN (WPAN), wireless LAN (WLAN), wireless WAN (WWAN), wireless MAN (WMAN), wireless mesh networks and cellular networks. Devices in relatively small physical areas are connected through WPAN. WLANs link several devices over short distances via wireless distribution methods such as internet access points, allowing users connection and mobility simultaneously. WMANs link a number of WLANs while WWANs cover large geographical areas, like neighboring cities and towns. For a banking organization, policies create a foundation on which all security initiatives are built. Therefore, the bank needs to come up with standards and policies on data integrity and confidentiality while putting into consideration security levels imposed by government regulation (NIST, 2003). Purpose and Scope The key purpose of wireless network security in a bank is to allow employees freedom of mobility while accessing the network to deliver better customer service without compromising the confidentiality of both the customers’ and the organization’s information (Goldsmith, 2005). The security measures implemented should protect the wireless signals from their vulnerability to eavesdropping and meet audit requirements. Since standards for wireless network security emerge and evolve continuously with technological developments, the bank must keep abreast with the changes to avoid being exposed to reputation and strategic risks. The bank’s ability to avoid or manage the risks is dependent on the effectiveness of its management and board oversight; effectiveness of procedures and policies to implement and run wireless projects; the network’s capacity and reliability; the business continuity plan’s adequacy; and the actions taken to monitor undesirable events. Applicability The applicability of the security system should accord clients seamless interactions with the bank and their accounts. This means it must be structured specifically for the requirements of non-company users while prohibiting incidents such as personal use by employees or sending financial records over the network. Although WLANs typically provide unrestricted access to the Internet and an organization’s entire network, the bank should consider blocking its wireless subnets from its Intranet and intranet. It must be specified who has the authority to use the WLAN as well as their level of access. Regardless of the way access is allowed, it is essential that the scope of access is determined and defined clearly in the bank’s wireless security policy and implementation (Pahlavan & Krishnamurthy, 2009). The CEO and the head of the technical department should be the only ones with exclusive access to critical information, and the policy should also stipulate that access by one of them should be known by the other. Wireless Network Security Requirements The internal department that will be given the responsibility of deploying the wireless access points (WAPs) and the devices, also known as stations, to be used within the network, should also be determined. The WAPs are central points, acting like hubs, creating basic service sets that bridge stations from the wireless network to others. Stations make up the clients of the wireless network, and include laptops, desktop computers, mobile phones and PDAs, which must be protected by use of passwords. If the bank does not clearly spell out the team that will deploy these two aspects of the wireless network, it runs the risk of employees installing their own WAPs (rogue WAPs) or stations, even if they may only be innocently seeking convenience, and punch holes in the security system. However, the rogue WAPs could also be installed intentionally out of malice for the purpose of extending access to unauthorized users. Therefore, minimum physical standards for security purposes should be defined for WAP locations, as well as the employees who will be granted physical access to them. The ideal situation would be to locate them in rooms with controlled access on the inside walls of the bank. The coverage range should strictly be adjusted to the limits of the bank’s physical boundary (Pahlavan & Krishnamurthy, 2009). Wireless Network Access Requirements Among the defined minimum measures on all the WAPS should be changing the default service set identifier (SSID) to one that will not reveal the bank’s name and business market, disabling the broadcast feature of the SSID. Access to the network should also be via passwords and user authentification. That will make the work of eavesdroppers more challenging. Wireless Device Requirements A wireless networking can either be in the infrastructure mode, also known as basic service set (BSS) or ad hoc mode, also known as independent basic service set (IBSS) (Goldsmith, 2005). The IBSS mode is comparable to peer-to-peer networking, meaning no WAPs exist in the wireless network to bridge stations. Instead, each station communicates directly with any other within the same network. On the other hand, at least one WAP will exist in the BSS mode, and multiple WAPs will give rise to an extended service set. Any traffic flow, either to a station or from a station will first pass via the WAP which could be connected to other networks. This calls for a firewall to be placed between them. The bank should prohibit the IBSS mode at all costs, which will reduce the chances of malicious employees extending the network to outsiders. Wireless Standards Supported by the Organization Wireless encryption should be enabled, and the utilization of either Wi-Fi Protected Access Advanced Encryption Standard (WPA2) or Wi-Fi Protected Access-Temporal Key Integrity (WPA-TKIP), mandated. The two encryption schemes make use of strong coding models. The Advanced Encryption Standard, which uses a cipher known as Rijindal, is stronger and recognized as a standard for security in systems of classified data (Goldsmith, 2005). Policy Enforcement The new security policies shall be enforced by instilling minimum ethical conduct and each employee encouraged to be responsible with their usage of the network. There should also be scheduled and random security assessments to guarantee continuous security. Tailored training for both IT department and the users must be planned to prepare the entire bank for networks deployment, how it will be used, managed and kept secure (NIST, 2003). Ethical Guidelines Associated with Wireless Networks in the Organization The bank shall set minimum expected levels of responsibility for all employees in how they conduct their use of the infrastructure. Each user must exercise due diligence in protecting the network and avoid abuse. A culture of employees being responsible custodians of equipment under their care will be developed. Terms and Definitions Rogue: These are devices on the network that the administrator may not be aware of, but compromises the security of the system. Station: Also known as devices, they are the media through which users use the information on the network and they include computers and mobile phones WAP: Wireless Access Point, which acts as a hub through which devices can access the wireless network and be linked to each other. WLAN: Wireless Local Area Network, used in the linking of several devices over short devices through access points. WMAN: Wireless Metropolitan Networks, which link several WLANS. WPAN: Wireless Personal Area Network, used in the wireless connecting of devices in small areas, like within the home or an office. WWAN: Wireless Wide Area Networks, for the wireless connection of users over large geographical locations. References Goldsmith, A. (2005). Wireless communications. Cambridge: Cambridge University Press. National Institute of Standards and Technology (NIST). (2003). Wireless network security. New York: Author. Pahlavan, K., & Krishnamurthy, P. (2009). Networking fundamentals – Wide, local and personal area communications. New York: Wiley. Rus, W., & Donohue, D. (2010). CCIE routing and switching. Indiana: Cisco Press. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Wireless Security Policy Assignment Example | Topics and Well Written Essays - 1250 words”, n.d.)
Retrieved from https://studentshare.org/information-technology/1479641-wireless-security-policy
(Wireless Security Policy Assignment Example | Topics and Well Written Essays - 1250 Words)
https://studentshare.org/information-technology/1479641-wireless-security-policy.
“Wireless Security Policy Assignment Example | Topics and Well Written Essays - 1250 Words”, n.d. https://studentshare.org/information-technology/1479641-wireless-security-policy.
  • Cited: 0 times

CHECK THESE SAMPLES OF Wireless Security Policy

Essential Components of a Wireless Security Policy, the Difference of Wireless and Wired LAN Security Policy

The paper "Essential Components of a Wireless Security Policy, the Difference between Wireless and Wired LAN Security Policy" discusses that essential components of the Wireless Security Policy are the mandatory change of password for the Wi-Fi Protected Access (WPA).... The Wireless Security Policy includes a list of standard devices allowed to connect to the wireless local area network.... In some instances the organization's Wireless Security Policy only allows the devices supplied by the organization to connect to its wireless local area network....
3 Pages (750 words) Research Paper

Importance of Internet Security

wireless security requires addressing different aspects when compared with the case of wired networks.... hellip; For example, the policy information in a company should only be known by the executive management.... Internet security Name: Course: Tutor: Date: SECTION A 1.... This question is concerned with basic terminology in computer security.... (a) What are the main goals in computer security?... The main goals of computer security are Confidentiality- entails verification of information's privacy....
17 Pages (4250 words) Coursework

Wireless Communications - Benefits and Risks

This paper critically evaluates the details of prevailing wireless technologies, their business benefits, associated security risks and the current mitigation strategies recommended by wireless security experts.... large number of business & educational journals & white papers have emphasized the security issues of wireless communications and need for stringent controls given that enhanced accessibility features of such technologies have also given birth to substantial access control vulnerabilities thus giving chance to unauthorized intruders to access the business resources of organizations....
13 Pages (3250 words) Essay

Mobile and Wireless Security

Thus there exists a requirement to formulate and implement a Wireless Security Policy to disallow unauthorized access to the corporate networks using wireless media and allow only approved and authenticated users to be connected.... The aim of the policy is to lay down standards for establishment of wireless connection from remote location to the XYZ corporate intranet.... The policy also gives out detailed system requirements to be in place before the remote user is actually allowed access to the corporate resources....
5 Pages (1250 words) Essay

Wireless Security Best Practices Guide for Business

Forget about the new trends, managing and maintaining the existing ones is so important that any misuse… Keeping this in mind every organization is in search of a good security policy to be jotted down which when followed keeps the company in safe hands.... This paper is all about the security policy which Every company in today's world is run on wireless network technology.... As it is defined in RFC 2196, the IETS's site Security Handbook, a security policy is a formal set of rules through which people who are given access to organization's technology and information assets must abide to....
9 Pages (2250 words) Essay

Voice over Wireless Fidelity

In the organization's individuals setting up the network sometimes fail to understand the security requirements.... However, there is substantial variation in the security measures built into these networks.... The paper starts with a brief introduction of wireless fidelity and then discusses issues in wireless fidelity and disadvantages.... hellip; Wi-Fi is a wireless technology works like a cell phone and offers fast and effortless connection from anywhere within the range of a base station....
8 Pages (2000 words) Term Paper

Wireless Network Security Appliances

wireless security appliancesDFL-CPG310 Wireless firewall/VPN security applianceDFL-CPG310 provides security to the network by acting as a Firewall to the network, so that packets do not intrude into the network.... There has been the need to have security in the wireless networks with the increase in the wireless devices which have been Abstract With the advent of many wireless technologies, there are many attacks that are geared towards wireless networks.... There has been the need to have security in the wireless networks with the increase in the wireless devices which have been introduced into the market....
7 Pages (1750 words) Essay

Current Trends in Information Security

The paper "Current Trends in Information security" examines the significant current threats to information security and the most important controls that WebCenter should be considered as a priority to mitigate the risks of these threats being realized.... hellip; The primary objectives of information security are; integrity, confidentiality, and availability.... Current threats to information security The two major threats to information security include; phishing and hackingPhishingPhishing, also known as “carding” or “brand spoofing,” refers to a form of social engineering where an attacker, known as a phisher, deceptively retrieves data of a legitimate user's confidential information by copying electronic communications from an organization in an automated manner (Shi and Saleem 2012)....
8 Pages (2000 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us