Task 2 - WLAN and Mobile Security Plan
School: Western Governors University
Course: C844
Subject: Information Systems
Date: Apr 3, 2024
Emerging Technologies in Cybersecurity – C844
PRFA – GRP1 Task 2: WLAN and Mobile Security Plan
Susan Crowe
Student ID: 011374378
A. Describe two WLAN vulnerabilities that present risks for Alliah, based on the details in the scenario.
The first vulnerability is the “large back patio area,” which has a wireless access point dedicated to it that the employees of Alliah are authorized to use. While the scenario states that there are firewalls in place, they do not protect the access point itself. This creates the opportunity for “war driving.” The patio access is a nice gesture for employees, but it creates a vulnerability that could be easily controlled.
The second vulnerability involves the Alliah website servers and where they are being hosted. These web servers are hosted a hundred miles away from the company’s headquarters. While this is a more common technique, especially with the use of cloud services today, there is no mention of any security precautions between the company, the internet, and the provider. This data could easily be intercepted or be susceptible to Man-in-the-Middle (MITM) attacks. The data could be sensitive to the company or its customers, exposing potential PII or proprietary data.
B. Describe two mobile vulnerabilities that present risks for Alliah, based on the details in the scenario.
The first vulnerability that I noticed concerns the remote needs of traveling employees. This creates a need for employees to potentially connect to public Wi-Fi or improperly secured Wi-Fi at customer facilities. This includes public facilities such as airports, coffee shops, and restaurants, as well as customer facilities. There is no mention of how the mobile laptops and devices are managed, or whether there are policies in place, encryption, user account protections, mobile device management, etc. I also did not see any indication that there is any kind of multifactor authentication set up to protect the devices and user accounts.
The second vulnerability I noted was the use of a large shared space. When the employees are not traveling, there is a large shared space where mobile devices could be accessed. This is a bit of a dual-layer vulnerability to me. While the open space allows for collaboration among the team members, it exposes equipment, allows for shoulder surfing, and exposes data unnecessarily. The second layer to this vulnerability is that there is no practice of least privilege to ensure that data is properly protected from one customer to another. We could assume that each representative is responsible for their own customers, and some of that data could be considered proprietary to the customer and cannot be put at risk of exposure. This could expose Alliah to a lawsuit if a customer felt that their data was inappropriately accessed or used in some way, especially if there are NDAs involved.
C. Summarize the steps for mitigating each identified WLAN and mobile vulnerability, including the specific tools or documentation that will be needed for mitigation.
In order to mitigate the first WLAN vulnerability, there are two initial possibilities. One would be to remove the wireless access point from the patio and extend the coverage of an internal access point to reach the patio area while limiting its exposure to the street or property outside of the patio grounds. Additionally, they should ensure that default administrator credentials are changed on all WAPs. This is a critical step, as one of the first things a would-be hacker might do is try to take control of the WAP using the default admin account. Encryption would be the next step to take. Depending on the authentication requirements of this particular network, it would be recommended to enable WPA2 encryption. Lastly, Alliah should ensure that the SSID is not broadcast. This will make it much harder to find the SSID by war driving.
The second WLAN vulnerability could be resolved by implementing a VPN solution such as an IPsec VPN tunnel to encrypt the connection and hide the exposure from the open internet. This would allow for a much more secure data transfer method to manage the web server. This would create the most flexibility for the developers/engineers to manage the site and the server. If the server is managed by the remote datacenter, they could also implement multifactor authentication to protect the elevated access required to manage the web server.
The first mobile vulnerability could be resolved with a very easy solution. The implementation of a user VPN, such as the Cisco AnyConnect client or a web-based VPN, to protect business data on mobile devices would be necessary. By restricting this to a full-tunnel experience, Alliah could also limit the exposure of the data by requiring the user to log in to the VPN to access any business-related data. The use of an endpoint encryption product such as BitLocker on laptops is also crucial. For mobile devices (tablets, cell phones), the use of a mobile device management (MDM) system would be highly advised.
The second mobile vulnerability could also benefit from the solutions listed for the previous mobile vulnerability. The implementation of an endpoint encryption solution such as BitLocker or an MDM solution would ensure that if the device is lost or stolen, it could be wiped remotely so that company data is not exposed or compromised. The use of multifactor authentication (MFA) is also highly recommended to increase the difficulty of any penetration into the device prior to executing a wipe of the device when needed.
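The encryption and SSID steps of the first WLAN mitigation in section C can be checked automatically. The following is an added example, not part of the original paper: it assumes the access point runs hostapd (the paper names no product) and audits a constructed configuration before and after hardening. The default-administrator-credential step is not covered, because hostapd.conf holds no admin account.

```python
# Added example (not from the original paper): audit a hostapd-style access
# point configuration against the WLAN mitigation steps in section C.
# SAMPLE_CONF is constructed for illustration; the keys are real hostapd options.

SAMPLE_CONF = """
# patio access point (constructed sample)
interface=wlan0
ssid=Alliah-Patio
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP TKIP
ignore_broadcast_ssid=0
"""

def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(conf):
    """Return findings; an empty list means every check passed."""
    findings = []
    wpa = int(conf.get("wpa", "0"))  # bit 0 = WPA, bit 1 = WPA2 (RSN)
    if wpa == 0:
        findings.append("no WPA/WPA2: network is open or WEP")
    elif wpa != 2:
        findings.append("legacy WPA enabled: set wpa=2 for WPA2 only")
    ciphers = set(conf.get("rsn_pairwise", conf.get("wpa_pairwise", "")).split())
    if wpa and "TKIP" in ciphers:
        findings.append("TKIP offered: restrict rsn_pairwise to CCMP")
    # Hiding the SSID only empties it in beacons; probe and association
    # frames still carry it, so this supplements encryption, never replaces it.
    if conf.get("ignore_broadcast_ssid", "0") == "0":
        findings.append("SSID is broadcast: set ignore_broadcast_ssid=1")
    return findings

# The same sample with the three weak settings corrected.
HARDENED_CONF = SAMPLE_CONF.replace("wpa=3", "wpa=2").replace(
    "rsn_pairwise=CCMP TKIP", "rsn_pairwise=CCMP").replace(
    "ignore_broadcast_ssid=0", "ignore_broadcast_ssid=1")

if __name__ == "__main__":
    for label, text in (("before", SAMPLE_CONF), ("after", HARDENED_CONF)):
        print(label, audit(parse_conf(text)) or "all checks passed")
```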
D. Recommend preventive measures to maintain the security posture of WLAN and mobile environments in a small business, such as Alliah. Reference federal, state, or industry regulations that justify these measures.
My first recommendation addresses the WLAN environment alignment. My recommendation would be to look at protecting the user access first. This would mean that multifactor authentication (MFA) should be implemented to ensure there are multiple authentication measures in place when the user logs on to the network. The second recommendation I have is to select a security framework to align to. This is an essential method of establishing a standard security model as well as ensuring compliance with any requirements and services that Alliah offers or is obligated to align with. NIST is a very standard framework that would be recommended; it outlines several security posture methods and recommendations. Other frameworks that could also be leveraged would be PCI (in case they handle any credit card payments) and MITRE, to align with best practices for security protections and processes.
My second recommendation aligns to the mobile environment. For mobile devices, there are two main needs to ensure protection. For laptops that travel often, my recommendation is to ensure the device is fully encrypted with a solid encryption solution such as BitLocker. Maintaining recovery keys would also be a critical component of properly mapping out and implementing a strong, reliable encryption solution. For mobile devices such as phones and tablets, implementing a mobile device management solution is crucial. MDM allows all business-related applications and data to be encapsulated, encrypted, and protected.
E. Recommend a solution for the company’s BYOD approach, including research to justify your recommendation.
The first action I recommend for BYOD devices is to develop and enforce a usage policy. What is and is not acceptable to do on personally owned devices needs to be clearly outlined. Once that’s in place, I would recommend developing and executing training followed by an attestation. These steps would be important to ensure that all employees fully understand the usage requirements and limitations for using BYOD devices. The attestation would ensure that they acknowledge and understand that material. Once these policy and administrative efforts are completed, I would recommend the use of remote control functionalities such as MDM, antivirus tools, and vulnerability scanning tools. This would increase visibility and help to control some patching if possible.
F. References
1. SP 800-77 Guide to IPsec VPNs. Retrieved 8 February 2024, from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-77.pdf
2. NIST 800-114 User’s Guide to Telework and Bring Your Own Device (BYOD) Security. Retrieved 8 February 2024, from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-114r1.pdf
3. Securing Wireless Networks. Retrieved 8 February 2024, from https://www.cisa.gov/news-events/news/securing-wireless-networks
4. The 7 Mobile Device Security Best Practices You Should Know for 2024. Retrieved 8 February 2024, from https://www.ntiva.com/blog/top-7-mobile-device-security-best-practices
5. Security best practices for BYOD policies – TechAdvisory.org. Retrieved 8 February 2024, from https://www.techadvisory.org/2021/07/security-best-practices-for-byod-policies/
6. Guidelines for Securing Wireless Local Area Networks (WLANs)—Argus Cyber Security. Retrieved 8 February 2024, from https://argus-sec.com/blog/standards-and-compliance/sp-800-153-guidelines-for-securing-wireless-local-area-networks-wlans/