Presentation is loading. Please wait.

Presentation is loading. Please wait.

Simon Prasad. Introduction  Smartphone and other mobile devices have made it so easy to stay connected.  But this easy availability may lead to personal.

Published byMartin Oliver Modified over 8 years ago

Similar presentations

Presentation on theme: "Simon Prasad. Introduction  Smartphone and other mobile devices have made it so easy to stay connected.  But this easy availability may lead to personal."— Presentation transcript:

1 Simon Prasad

2 Introduction  Smartphone and other mobile devices have made it so easy to stay connected.  But this easy availability may lead to personal communication/ data transfer being compromised. 2  How safe is it to use public Wi-Fi?  What are the risks involved and how can they be minimized?  What are the measures that organizations and institutions can take to ensure that their Wi-Fi protocol is safe?  What are the safe practices that they can adopt and educate their users to comply with?

3 Literature Review  Wi-Fi networks function in an unlicensed area, and anyone within the geographical location can use the available frequencies as a network.  WEP and WPA are the most common forms of encryption used, but they can be easily hacked.  Small and medium enterprises (SMEs) are more vulnerable to attack as they do not have the resources/expertise to enforce stringent security protocols for their network. 3

4 How do small enterprises ensure their Wi-Fi hotspots are secure?  There is a need for an organization to evaluate its wireless network architecture.  Vulnerabilities may arise from:  Data interception over air  Data interception over the network  Manipulation of data in transit  Connection to untrusted service  Consequences of wireless network breaches:  Privacy breaches resulting in financial loss  Reduction in surfing speed  Generating unlawful traffic  Exceeding data usage 4

5 Methodology 5  The methodology adopted was a Case Study Approach.  Primary data was collected from the selected organisation that has Wi-Fi facility for its visitors and its related security arrangements.  Then, secondary research was done to identify solutions for the security gaps that were discovered.  The organization chosen for the study: CommLab India LLP (www.commlabindia.com), which has various Wi-Fi points in its offices.www.commlabindia.com

6 Objectives of the Study 6 To find answers to the following questions:  What are the current security mechanisms in place?  How effective are the current arrangements?  What can be done to improve the security mechanisms?

7 Findings  CommLab India, a small to medium enterprise was chosen for the research. 7 About CommLab India LLP  A total e-learning solutions company located at Hyderabad, India with 130 full time employees  Provides:  Custom e-learning design & development services to large corporate organizations worldwide  Learning Management System services  Handles;  Sensitive customer data of >100 customers in 8 countries  Its own proprietary data on its internal and external servers

8 Wi-Fi Security at CommLab India Security measures before 2013  3 wireless devices WPA/WPA2 security settings in conference halls on 3 floors  Firewall device used: Fortinet 110C.  No Wi-Fi access to employees.  Visitors provided with the access credentials (user name Commlab_Guest, pre-set password which was changed every 15 days).  Guests had to login into the Service Set identification (SSIDs) after joining the Wi-Fi network.  Visitors could access Internet but had no access to internal resources.  Visitors had access to the full available bandwidth. 8 The company decided to change the Wi-Fi setup because the bandwidth was wasted and employees attending meetings in conference halls or those with laptops found it difficult to enter the network to access internal resources, as they had no Wi-Fi access and had to plug in a LAN cable to enter the network.

9 Wi-Fi Security at CommLab India (Contd.) Wi-Fi Security measures after 2013-14  4 wireless devices connected to a cloud-based controller (Kloud Wi-Fi) for 4 conference halls.  Firewall upgraded to CyberRom 100iNG.  Devices configured with WPA2 with 128 - 256 bit encryption layer.  Voucher Facility where the systems administrator creates vouchers as per user demands.  If an unauthorized user discovers/ accesses a valid SSID name of an employee and enters the network, an Active Directory (AD) authentication is required to enter the internal network.  The Wi-Fi facility can accommodate both guests and employees through 2 SSIDs.  Guest SSID: Access to Internet resources only with limited speed/ bandwidth and additional restrictions to certain websites/online resources.  Staff SSID: The employees, logged in via Staff SSID, can access ALL internal and external resources such as data, printers, faxes and the computer network in addition to the Internet. 9

10 Evaluation of Wi-Fi Security Arrangements In order to secure a Wi-Fi network, organizations must ensure that following safeguards are in place. 10 1 Encryption of Wireless Router 3 Change of Default Passwords 5 Frequency of Passwords Change 7 Broadcast of Network Name 9 Detection and Blocking of Malware 2 Activation of Firewall 4 Strong Passwords 6 Unique Network Name 8 MAC Address Filter to Authenticate Users 10 Policy Consistency for Scalability

11 Analysis  CommLab uses WPA2 encryption which is the latest standard security measure.  The two SSIDs, CommLab_Guest & CommLab_Staff are easy to guess.  The system is scalable to set up additional devices at access points with cloud- based controller arrangement – Kloud Wi-Fi.  Guests are allowed into the Wi-Fi network by system administrators physically keying in their passwords. But if the guest finds out the access details, he can enter anytime.  Default passwords of wireless access devices are changed on installation. However, there is no practice of changing these passwords on a regular basis, although the passwords for SSIDs are changed every month (No specific day/time/schedule).  The password assigned to the SSID is a simple “user@123”. They do not follow the best practices of setting strong passwords.  No training is given to staff to follow better security practices. 11

12 Recommendations  A more systematic approach towards setting and changing of passwords may be followed.  The best practice of having longer passwords with at least 10 – 12 alphanumeric characters should be used.  The network broadcast name should be turned off for better security.  The voucher-based facility which is already in existence should be used for guests for improved security.  Different passwords should be assigned to Staff and Guests.  Regular training to sensitize the staff to the risks and to improve their knowledge on best practices of IT security should be undertaken. 12

13 Conclusion  As research showed, the small and medium enterprises are more vulnerable to information breaches through wireless networks and Wi-Fi hotspots.  Some measures such as changing default passwords, encrypting the network, enabling the MAC filtering, blocking WAN requests or changing the SSID broadcast could go a long way in securing corporate networks.  As far as CommLab India is concerned, the study shows some good practices are being followed but they can be improved to attain a higher degree of security by following the recommendations suggested. 13

Download ppt "Simon Prasad. Introduction  Smartphone and other mobile devices have made it so easy to stay connected.  But this easy availability may lead to personal."

Similar presentations

Wi-Fi Technology.

Wi-Fi Technology.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.

Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
Secure Computing Network

Secure Computing Network
Security in IEEE 802.11 wireless networks Piotr Polak University Politehnica of Bucharest, December 2008.

Security in IEEE wireless networks Piotr Polak University Politehnica of Bucharest, December 2008.
Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.

Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?

Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.

Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.
Chapter Extension 8 Understanding and Setting up a SOHO Network © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 8 Understanding and Setting up a SOHO Network © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
A Guide to major network components

A Guide to major network components
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.

Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Similar presentations

Ads by Google