A WI-AN encompasses a local office hill a WALL connects two different offices so that they can have access to each others resources. Wireless networks provide a lot of mobility for users to do their work. Employees are not tied to their desk in order to be productive. They could be in another office or In a conference room and they are still connected to the network with all the company resources at their disposal. While all of these features that Wife offers to businesses sounds very attractive it also brings its own issues I. E. Wireless security, slower connections, poor video quality, etc.
As stated earlier Wife brings its own unique set of security issues. With Wife data is sent over the air rather than through cables. That makes the data more susceptible to being compromised or stolen. Also, if the name of the network is being broadcasted an intruder can focus their attention on that particular network in order to try to access it. There are steps that can be taken to address these and other types of wireless security concerns. Using wireless security protocols like WPAD and encryption like AES will help to secure the wireless network These security concerns and solutions will be discussed in further detail later on.
Wireless Applications in Business Wireless devices and their applications each have a place in business. Laptops, smartness, tablets, etc. Are all wireless devices used in businesses around the world. Along with applications these work together to provide businesses with a nonstop flow of data from customer transactions to product testing. File sharing has become a big part of businesses. Important forms and documents are able to be shared and stored via cloud services. Challenges with WAD Mobile devices are just that, mobile. They are not tied down to a desk or any one location.
Mobile devices hold vast amounts of information from arsenal to private. They can potentially hold very sensitive information. By introducing wireless devices another point of entry into a company is being created (Peak Technologies, 2007). Device control and tracking Proper configuration of devices is very important. If devices aren’t configured with the appropriate updates and security than the devices become obsolete (Peak Technologies, 2007). Mobile device management software helps to alleviate this issue. With this kind of software devices can be configured to specific settings.
Features can be turned On or Off, requiring postcode to access the device, etc are just a few of the many ways that a device is able to be configured. Their tech support department can create profiles with all of these settings preset so as to streamline the setup process. Also it makes it possible to remotely access and wipe the device if it is lost or stolen. Updates and patches are also easily pushed to any configured devices. Wireless devices are easy to lose so naturally there is a high cost associated with them. Phones have tracking software called Find My phone pre-installed on all their phones and tablets.
This makes it possible to have p to the minute status on the location of the device. Also training users on how to use their device is very important. Many device errors and issues can often be attributed to user error. This can be alleviated by making sure each user has a clear understanding of how to use the device to its maximum potential and an understanding of how to properly secure any information that may be stored on it. Stealing of User Data One of the most common crimes in the cyber world is the stealing of users’ personal information I. E. Surnames and passwords.
There are several techniques used by hackers to access this information which include rogue Wi-If hotshots, sniffed software, and dictionary attacks. Rogue Wi-If hotshots are used in areas where there will likely be a large number of users looking for a wireless connection (Fairs, 2014). The SAID for these types of networks are generic like “free network” in order to lure users to connect. Once connected users’ information can then be accessed (Paris, 2014). Sniffing software is used to detect open networks for businesses and homes who have unsecured wireless Lana or they may have weaker security (Miller, 2015).
Sniffing software allows hackers to see even those Skids that are hidden (Miller, 2015). Hackers then attempt to access the networks and steal private information. Dictionary attacks happen when a hackers executes a script the tries using every word in a dictionary. Most sites disable a login after three failed attempts but websites from smaller companies tend to not have this feature enabled. Users can fight snifters by ensuring that sites that they go to use HTTPS (Pass, 2011). If it is not done by default users can manually type it in. Other options include using a VPN or SSH proxy (Pass, 201 1).
They act as the go between, between a users computer and a websites servers (Pass, 2011). They ensure that all data sent between those two points is encrypted (Pass, 201 1). When it comes to rogue Wi-If hotshots users can fight this by not connecting to insecure public Wi-If networks. Businesses can fight this by ensuring that they install an intrusion detection system (IDS) on their wireless network. Combating dictionary attacks is a much easier task than one would think. Users should pick complex passwords that include both upper and lowercase characters, symbols, and numbers.
There are many different protocols and methods used to secure data and connections on wireless networks. Secure Shell (SSH) is used for securely accessing computers and servers remotely. SSH commands are encrypted. Both the server and the client connections use digital certificates for authentication. Any passwords are also encrypted. The great feature about SSH is that it provides a secure connection over insecure networks. Transport Layer Security (TLS) is another protocol used for network communications security. It uses asymmetric cryptography for authentication purposes.
TLS is used across many different applications like e-mail, browsing the internet, e-commerce, POI, instant messaging, etc. Operating yester like Windows and Apple often have updates that include security patches. Keeping systems up to date is important because often these security patches address new and known threats to network security. Disrupting and Hacking unsecured Wireless Networks Eavesdropping on a wireless network is relatively easy to do. There are many different programs that can be used to do this. An intruder can download free software like a network analyzer which captures wireless signal packets (Geiger, 2013).
Connecting to unsecured Wi-If hotshots in places like cafes and restaurants makes it a lot easier for intruders to capture these packets. A hacker can grab passwords, emails, logins, and so forth from these packets if the network is unsecured. Packets can be easily reassembled to look like a website which is full of valuable information (Geiger, 2013). An application on the Android platform called Dromedaries is able to access private accounts of web sites like Faceable, Linked, Yahoo, and Gamma (Geiger, 2013). Dromedaries doesn’t capture passwords, however it does allow for someone to access someone else’s current open session (Geiger, 2013).
Connecting to an unsecured Wi-If hotshot may be convenient but as it has been explained his is very poor idea security wise. There are ways to combat eavesdropping on these unsecured networks. They are as follows: 1 . Anytime logging into a website users should ensure that the URL address starts with HTTPS (Geiger, 201 3) 2. If possible make sure to encrypt the entire session when on a website (Geiger, 201 3) 3. Check email via web browser and again make sure it begins with HTTPS. If using Outlook make sure encryption is turned on (Geiger, 201 3) 4.
Don’t ever utilize FTP services that are unsecured (Geiger, 2013) 5. Use VPN to ensure secure web browsing (Geiger, 2013) Streaming Video of Wireless Networks Video streaming has become just as an important form of communications in business as talking on the phone. Organizations are communicating with each other and their employees through video applications like video conferencing along with live and recorded training sessions. These are just a few of the many ways that business are now communicating via video streaming. Video streaming meetings, training sessions, etc. Alps to lower the expenses associated with travel as well as foster greater trust between those on each end of the conversation (Cisco, 2010). Because video has become such an integrated part of business users are demanding the same capabilities and qualities that they get in the conference room no matter where they are (Cisco, 2010). This presents its own issues as a traditional wireless network will not be able to handle the requirements needed to handle the bandwidth, end-to end connectivity, and consistently provide the high quality needed for that kind of scale (Cisco, 2010). Video users a lot of bandwidth and resources.
It is very demanding. Whether wired or wireless video streaming shows a network’s true strength. If video streaming over a airless network is to be used in a business environment it has to be able to handle multiple audio, data streams, and video without any disruption or degradation (Cisco, 2010). Another big problem with video is that any error or disruption is easily seen and can cause its usefulness to become a major hindrance very quickly (Cisco, 2010). Wireless access points or wireless routers with IMO technology can help to advance the physical layer for video over Wi-If.
IMO allows for higher data rates and better reliability of the link (Cisco, 2010). Another improvement is done at the MAC layer with Wi If Multimedia extensions or WHOM (Cisco, 2010). WHOM can set the priority for video, voice, background, and best effort (Cisco, 2010). With this tool video can take priority over other forms of data traffic. If there are multiple data packets being sent at one time then video can go first (Cisco, 2010). There are few different ways to improve video quality at the application layer. One of them is quite simple.
It involves identifying particular ports and IP addresses as being used for streaming video services (Cisco, 2010). Now to address the challenges associated with Wi-If coverage. Overcoming the limitations of Wi-If overage Wi-If offers mobility for its users. The drawback to this wonderful feature is the fact that Wi-If has to deal with obstacles that degrade its signal. People, walls, radio traffic, weather, etc are all obstacles that users of wireless networks have to deal with. While these do offer a hindrance they came be overcome. One of the ways is to use wireless access points. They are used to extend the range of a wireless network.
Now they are susceptible to these same obstacles, however if they are placed properly they mitigate these obstacles quite well. Also, changing the wireless channel that a signal is eradicating can help with too much congestion on a particular channel. Increase Speeds of Wireless Networks The speed of a wireless network has a lot to do with signal strength, channel interference, congestion, the wireless standard used, etc. If a wireless router is using 802. 11 AC but the devices it communicates with are using 802. 1 In than it has to slow down to those transmissions speeds in order to transmit the data.
Have as few legacy devices on a network as possible. This will help ensure that the fastest data speeds are being used. The most crowded channel on wireless networks is channel 6. This is the default on many routers. As most users don’t know how to change this channel congestion can be a big problem. When changing the channel it should be at least 3 channels away (Speed Guide, 2015). Make sure that the router or access point is not in an area surrounded by obstructions like LED lights, other routers, switches, cordless phones, and so forth (Speed Guide, 2015).
Assessing WAD Security Problems There are many ways to address security issues within a wireless network. But before implementing those changes and fixes the network needs to be assessed in order to figure out what its weaknesses are. When assessing a wireless network for vulnerabilities there are 5 things to look that must be done. First is to discover wireless devices on your network (Chuddar, 2012). It is imperative to know every device including routers and access points that are connected to the network (Chuddar, 2012). A network scanner will search for all of the active traffic on both the 2. GHz and GHz bands on the wireless network (Chuddar, 2012). After the scanner has finished all of the data should be catalogued with the owner and location of the devices (Chuddar, 2012). Next, any rogue devices should be sought out. Rogue devices are those devices that have no business on the network. Rogue devices can be identified by looking at the data of the network scanner and comparing it with the known inventory of devices on the network (Chuddar, 2012). Any equipment that is not on the inventory needs to be denied access to the network immediately.
After determining if there are any rogue devices present authorized access points should be tested (Chuddar, 2012). The wireless access points or WHAPS need to be secured the same as the routers (Chuddar, 2012). This means making sure that the Whaps have the most up o date security patches and updates. Also ensuring that the admit password for the WHAPS has been changed to a strong password while checking that the strongest authentication methods are being used (Chuddar, 2012). Next, since a scan has just been completed it is the perfect time to update the device inventory for the wireless network.
This includes any laptop, smartened, printer, etc. That has been added since the last inventory. Each of these devices must be checked to see if they have the most up to date security updates as well as the latest operating system (Chuddar, 2012). The inventory will allow a company to see if there are any legacy devices present that may need to be replaced so that they can use the latest wireless protocols like 802. 1 lace or 802. 1 In. Finally, action must be taken to remove any and all vulnerabilities found.
Educating users on the security policies as well as installing updated security patches and changing passwords are all steps that should be taken (Chuddar, 2012). After all of the vulnerabilities have been addressed they should be tested to make sure that they can stand up to scrutiny. A regular maintenance check of the wireless network should e scheduled on an ongoing basis. Common Methods for Securing Wireless Networks Change and Hide the SAID from the default The name of the wireless network is known as the SAID (Service Set Identifier). Usually the default name is the name of the router. The name should be something easy to remember.
After the name has been changed the SAID should no longer be broadcasted. This is an extra step so that no one can see the wireless network when a search for available networks is done. Change the default password of the router or mobile device Whether it is wireless router or any other wireless device it is imperative hat the default password is changed immediately. The reason for this is that if the password isn’t changed than an intruder can easily gain control of the device and do whatever they want. This is especially important when it comes to routers because they are responsible for the routing of traffic on the network.
All routers from a single manufacturer will have the same default password associated with them. So, potentially an intruder could get into multiple devices if the default password wasn’t changed. Use WPAD with AES encryption Wi-If Protected Access 2 or WPAD is used to secure a wireless network. It is he most secure method for securing a wireless network. It replaced inferior methods such as WEEP and WAP. Sing Advanced Encryption Standard or AES for encryption is the best available. AES encryption is used as a replacement for T KIP which is no longer considered secure (Hoffman, 2014).
Installation of a Firewall A wireless firewall or wireless intrusion prevention systems are used to filter and monitor wireless traffic. They also are used to block any unauthorized use of the network and any attacks (Prefer, 2006). They are always checking for foreign traffic and will disconnect any access point that they don’t agonize (Prefer, 2006). Often users aren’t aware that they are not using a wireless network in a safe way. The WIPE doesn’t have to rely on users using it properly because it can recognize any sessions that are not compliant and disrupt it (Prefer, 2006).
Enable MAC and IP Address Altering By enabling MAC and IP address filtering that means that if a MAC or IP address doesn’t match the allowed list of addresses than it will not be able to connect to the wireless network even if it knows the password. Security Issues with Mobile Devices Mobile Phones When it comes to mobile phones users pretty much have their whole lives n these devices. Users and their phones are joined at the hip. People cannot stand to be away from their mobile phones for too long because they may miss a call, text, or email message from someone else.
According to a study by Pew Research 44 percent of users of smartness sleep within close proximity to their devices so as to make sure they don’t miss any form of communication the device provides for them (Porch, Cook, & Grain, 2015). Another study done by DC Research stated that out of 8000 users from the ages of 18 to 44, 62 percent went for their phone or Android as soon as they coke up in the morning (Porch, Cook, & Grain, 2015). Due to the fact that mobile phones have become everyone’s closest companion whether it be personal or business hackers are trying everything they can to break into them (Porch, Cook, & Grain, 2015).
Many users are under the false impression that their mobile phones are by default secure. Unfortunately this is not the case. It is up to the user or business to configure the phone in order to properly secure it (Porch, Cook, & Grain, 2015). Intruders can access these phones at very little cost to them. Generally, there methods of attack include installing malicious mallard or mirroring the phone so that they can see exactly what the user sees on their phone (Porch, Cook, & Grain, 2015). What is very disturbing about this is the fact that these attacks take place in only a matter of seconds (Porch, Cook, & Grain, 2015).
By 2018 it is predicted that 25 percent of the data of corporations will move from mobile devices to the cloud (Porch, Cook, & Grain, 2015). There are five security risks associated with mobile phones and they include physical access, malicious code, device attacks, communication interception, and insider wreaths (Porch, Cook, & Grain, 2015). The attraction of smartness is the same thing that makes them susceptible to being stolen, they are mobile and small. They can be easily forgotten in a car, restaurant, or airport.
It’s bad enough that mobile phones can be accessed without having to actually take possession of them but if someone actually gets their hands on someone else’s phone it is all over. If a hacker gets actual physical access to a phone it is bad news because even a good antivirus or lock code is a joke to an experienced attacker (Porch, Cook, & Grain, 2015). This is both a concern for personal phones and corporate ones. A malicious person could access personal data like passwords, financial information, personal information, etc.
If they access a company phone they could potentially have access to proprietary information, documents, along with a lot of other damaging information. What is very disturbing is that even if a phone has been remotely wiped there are retrieval programs that can recover any data that has been removed from the phone (Porch, Cook, & Grain, 2015). Now, onto malicious code. Mallard usually comes in the form of social media or it attaches itself as a unload of legitimate software. PC’s have a lot of easily available downloads from many different sites, but mobile devices are not susceptible to these fly by downloads.
Mobile ads are how mallard have been used in attacks to get in on a mobile phone. The phrase “amalgamating’ was coined by Blue Coat in a report to describe this kind of attack (Porch, Cook, & Grain, 2015). The biggest target for malicious attacks on mobile phones are Android smartness because they are used by a great number of users and compatible software is easy to develop for it (Porch, Cook, & Grain, 2015). Malicious Trojan programs, which are used to steal data can be transmitted over both a mobile network and a Wi-If network (Porch, Cook, & Grain, 2015).
They are easily sent in text messages. A victim clicks on the link within the text message and is taken to what looks like a legitimate app store. They download the application and now they are infected and able to infect other phones. Now for device attacks. These come in form of attacks through a browser, exploiting buffer overflow, and many other types of attacks. Other avenues of attack happen through multimedia message services and short message services. Next is interception of communications.
All smartness can connect to Wi-If networks. This means that they are just as susceptible to any attack that any other Wi-If capable device is (Porch, Cook, & Grain, 2015). These kind of attacks have become much easier to execute and are readily available on the internet. Data transmissions sent over a cellular network are able to be intercepted by malicious attackers and decrypted. Attackers find weaknesses in these types of networks and exploit them to eavesdrop on voice conversations and data (Porch, Cook, & Grain, 2015).
Companies who provide mobile phones or ho allow users to use their personal phones to access company resources must educate their employees on not connecting to free public Wi-If networks because they are some of the easiest networks that can be accessed by attackers (Porch, Cook, & Grain, 2015). Some of the worst threats are not from the outside but from within. Disgruntled employees can use their mobile phone to download large amounts of data to SD cards or directly to their phone so that they can send this to their external email addresses. Also misusing cloud computing services has become a big issue.
This can lead to leaks Of data that a many can be completely unaware of (Porch, Cook, & Grain, 2015). Recommendations Throughout this report many different issues and fixes have been discussed when it comes to securing networks, devices, and streaming of video over wireless. What all of these recommendations for addressing these issues have in common is that they are useless unless employees know about them. It is very important that management ensures that every employee gets the proper training on company policies when it comes to network and device usage. This training should be part of the initial in-processing process.
These leslies should discuss proper use of company resources, privacy terms, etc. Any company devices should be part of a life cycle process as it is important to ensure that users have the most up to date devices with the most current security features. Any devices that are purchased by a company should be from popular and proven companies. These include AT&T, Verizon, T-Mobile, and Sprint. They carry popular phones like the phone, Samsung Galaxy, and Razz. They also provide voice and internet services. Companies should choose a plan that best suits their needs.