Wireless Security

Question 1. Let’s pretend I own large corporation, and at this corporation, I have no wireless access points installed. So why should I care about wireless security? (Hint: what do most laptops come issued with nowadays?).

Answer 1. Regardless of the access points’ presence, the wireless-enabled devices could communicate with each other over the ad-hoc connection. According to Pfleeger and Pfleeger (2011), “A point-to-point connection (called ad hoc) is to another computer, not necessarily to an access point and server” (p. 422). Some devices can have the factory-preconfigured wireless settings that would allow ad-hoc connections from other nodes once the WiFi is switched on. Therefore, a potential intruder can connect and browse through the confidential information on the user’s laptop. In order to eliminate this vulnerability, the wireless connectivity should be disabled on all laptops and phones.

Question2. What are some of the challenges introduced when wireless devices become introduced to a corporate network? Tailor your answer for both mobile laptops and phones.

Answer 2. The major challenge introduced by wireless networks is the data confidentiality. Obviously, a free access to the WiFi network never should be allowed, but even the password-protected connections could be vulnerable. The original WiFi encryption mechanism (WEP, or wired-equivalent privacy) was extremely weak and could be easily cracked (Fette et. al, 2007, p. 274). Subsequently, the network traffic containing the confidential data could be intercepted and even modified. The WiFi Protected Access mechanism (WPA) offers the much more robust security, especially in its WPA2 version. All types of the wireless-enabled devices should use the strongest possible encryption, as there is little difference between laptops and phones when it comes to the data security.

Question3. What are some ways I can increase network visibility (monitoring) of wireless users for my corporate network? What are some other ways?

Answer 3. In order to increase the wireless network security, the access points should have the minimal visibility, whereas all users and their actions should be easily traceable. The first goal can be achieved by forcing the APs not to broadcast their SSIDs (Service Set Identifiers). In this case, only users who know the wireless network name could start the authentication process (Ciampa, 2011, p. 304). The user’s visibility can be increased by means of MAC (Media Access Control) filtering, which would allow only specific users to connect to the network. The physical users’ locations can be monitored using the wireless controller, which is responsible for the wireless roaming and load balancing.