Wireless Security Policy - Assignment Example

? Wireless Security Policy Wireless Security Policy Wireless Security Policy A wireless network may be described as the wireless connectivity of computer networks generally using, but not limited to, radio waves. The connectivity links business enterprises, telecommunication networks and homes while avoiding the costly and labor intensive cabling infrastructures (NIST, 2003). The implementation and administration of radio communication in the wireless networks occurs at the physical layer of the Open Systems Interconnection, or OSI, model (Rus & Donohue, 2010). This paper will address a wireless security policy for a medium sized banking organization, highlighting the policy overview, purpose, scope, applicability and security requirements. It will also address wireless network requirements, device requirements, standards supported by the organization, ethical guidelines and policy enforcement. Wireless Security Policy Overview Wireless networks occur in various forms, which are wireless PAN (WPAN), wireless LAN (WLAN), wireless WAN (WWAN), wireless MAN (WMAN), wireless mesh networks and cellular networks. Devices in relatively small physical areas are connected through WPAN. WLANs link several devices over short distances via wireless distribution methods such as internet access points, allowing users connection and mobility simultaneously. WMANs link a number of WLANs while WWANs cover large geographical areas, like neighboring cities and towns. For a banking organization, policies create a foundation on which all security initiatives are built. Therefore, the bank needs to come up with standards and policies on data integrity and confidentiality while putting into consideration security levels imposed by government regulation (NIST, 2003). Purpose and Scope The key purpose of wireless network security in a bank is to allow employees freedom of mobility while accessing the network to deliver better customer service without compromising the confidentiality of both the customers’ and the organization’s information (Goldsmith, 2005). The security measures implemented should protect the wireless signals from their vulnerability to eavesdropping and meet audit requirements. Since standards for wireless network security emerge and evolve continuously with technological developments, the bank must keep abreast with the changes to avoid being exposed to reputation and strategic risks. The bank’s ability to avoid or manage the risks is dependent on the effectiveness of its management and board oversight; effectiveness of procedures and policies to implement and run wireless projects; the network’s capacity and reliability; the business continuity plan’s adequacy; and the actions taken to monitor undesirable events. Applicability The applicability of the security system should accord clients seamless interactions with the bank and their accounts. This means it must be structured specifically for the requirements of non-company users while prohibiting incidents such as personal use by employees or sending financial records over the network. Although WLANs typically provide unrestricted access to the Internet and an organization’s entire network, the bank should consider blocking its wireless subnets from its Intranet and intranet. It must be specified who has the authority to use the WLAN as well as their level of access. Regardless of the way access is allowed, it is essential that the scope of access is determined and defined clearly in the bank’s wireless security policy and implementation (Pahlavan & Krishnamurthy, 2009). The CEO and the head of the technical department should be the only ones with exclusive access to critical information, and the policy should also stipulate that access by one of them should be known by the other. Wireless Network Security Requirements The internal department that will be given the responsibility of deploying the wireless access points (WAPs) and the devices, also known as stations, to be used within the network, should also be determined. The WAPs are central points, acting like hubs, creating basic service sets that bridge stations from the wireless network to others. Stations make up the clients of the wireless network, and include laptops, desktop computers, mobile phones and PDAs, which must be protected by use of passwords. If the bank does not clearly spell out the team that will deploy these two aspects of the wireless network, it runs the risk of employees installing their own WAPs (rogue WAPs) or stations, even if they may only be innocently seeking convenience, and punch holes in the security system. However, the rogue WAPs could also be installed intentionally out of malice for the purpose of extending access to unauthorized users. Therefore, minimum physical standards for security purposes should be defined for WAP locations, as well as the employees who will be granted physical access to them. The ideal situation would be to locate them in rooms with controlled access on the inside walls of the bank. The coverage range should strictly be adjusted to the limits of the bank’s physical boundary (Pahlavan & Krishnamurthy, 2009). Wireless Network Access Requirements Among the defined minimum measures on all the WAPS should be changing the default service set identifier (SSID) to one that will not reveal the bank’s name and business market, disabling the broadcast feature of the SSID. Access to the network should also be via passwords and user authentification. That will make the work of eavesdroppers more challenging. Wireless Device Requirements A wireless networking can either be in the infrastructure mode, also known as basic service set (BSS) or ad hoc mode, also known as independent basic service set (IBSS) (Goldsmith, 2005). The IBSS mode is comparable to peer-to-peer networking, meaning no WAPs exist in the wireless network to bridge stations. Instead, each station communicates directly with any other within the same network. On the other hand, at least one WAP will exist in the BSS mode, and multiple WAPs will give rise to an extended service set. Any traffic flow, either to a station or from a station will first pass via the WAP which could be connected to other networks. This calls for a firewall to be placed between them. The bank should prohibit the IBSS mode at all costs, which will reduce the chances of malicious employees extending the network to outsiders. Wireless Standards Supported by the Organization Wireless encryption should be enabled, and the utilization of either Wi-Fi Protected Access Advanced Encryption Standard (WPA2) or Wi-Fi Protected Access-Temporal Key Integrity (WPA-TKIP), mandated. The two encryption schemes make use of strong coding models. The Advanced Encryption Standard, which uses a cipher known as Rijindal, is stronger and recognized as a standard for security in systems of classified data (Goldsmith, 2005). Policy Enforcement The new security policies shall be enforced by instilling minimum ethical conduct and each employee encouraged to be responsible with their usage of the network. There should also be scheduled and random security assessments to guarantee continuous security. Tailored training for both IT department and the users must be planned to prepare the entire bank for networks deployment, how it will be used, managed and kept secure (NIST, 2003). Ethical Guidelines Associated with Wireless Networks in the Organization The bank shall set minimum expected levels of responsibility for all employees in how they conduct their use of the infrastructure. Each user must exercise due diligence in protecting the network and avoid abuse. A culture of employees being responsible custodians of equipment under their care will be developed. Terms and Definitions Rogue: These are devices on the network that the administrator may not be aware of, but compromises the security of the system. Station: Also known as devices, they are the media through which users use the information on the network and they include computers and mobile phones WAP: Wireless Access Point, which acts as a hub through which devices can access the wireless network and be linked to each other. WLAN: Wireless Local Area Network, used in the linking of several devices over short devices through access points. WMAN: Wireless Metropolitan Networks, which link several WLANS. WPAN: Wireless Personal Area Network, used in the wireless connecting of devices in small areas, like within the home or an office. WWAN: Wireless Wide Area Networks, for the wireless connection of users over large geographical locations. References Goldsmith, A. (2005). Wireless communications. Cambridge: Cambridge University Press. National Institute of Standards and Technology (NIST). (2003). Wireless network security. New York: Author. Pahlavan, K., & Krishnamurthy, P. (2009). Networking fundamentals – Wide, local and personal area communications. New York: Wiley. Rus, W., & Donohue, D. (2010). CCIE routing and switching. Indiana: Cisco Press. Read More