Introduction
Alliah Company is a fast-growing social media provider that launched a website and mobile app for young professionals using crowd-funded resources, most of which were allocated to development rather than internal network infrastructure. The company employs 35 full-time staff working in a renovated three-story warehouse, with two floors currently in use and one available for future expansion.
The headquarters network includes a gigabit managed switch, a multiservice wireless LAN controller, seven wireless access points—one covering an outdoor patio—and a firewall, while website servers are hosted in a data center 100 miles away. Five account representatives travel frequently and use company-issued laptops, tablets, and smartphones, while employees primarily rely on WLAN-connected company computers under a bring-your-own-device policy.
The IT team includes five staff members, with most focused on website maintenance and two supporting the office network. As the platform’s popularity grows and plans for expansion and a potential public offering emerge, the CEO seeks to strengthen wireless network security, assess existing risks, and evaluate whether to continue BYOD, limit access to company-owned devices, or adopt a hybrid approach.
Wireless computer networking is a technology that enables the creation of computer networks without the use of cabling. Wi-Fi is a standard on Wireless LAN equipment, which allows a network to be deployed without cable. For Alliah, which is planning a transition to a public organization, wireless technology remains a significant advantage. Alliah must strengthen the security of its network and limit staff access to the corporate network from personal devices that have not been registered and verified.
Security Level of Wireless Network Infrastructure
Wireless network security is essential to ensure the quality of service for field devices and the decision center. It consists of ensuring the privacy of users connecting to the network, as well as the integrity, availability, stability, and speed of the connection. Wireless connectivity technologies require protection because their coverage area can be significant and threatened. Alliah’s network can be compromised because gaining access to such a network is easier than to wired networks, as no special conditions are required to break into the signal transmission environment.
As the company plans to become public, there is a threat to its privacy and integrity, as attackers may attempt to exploit its intellectual property to their advantage. The company needs to understand that as the workforce grows, the network workload will require additional encryption keys (Doherty, 2021d). Encryption hacking is a potential problem, and to prevent it proactively, a secure network setup should be implemented that automatically enhances the connection’s security (Patra & Mukherjee, 2021).
Wireless network vulnerability can be managed by adjusting the configuration of access points (Rashid et al., 2021). The networks used by the company must be designed to a standard that combines availability and security. Alliah should change its network configuration settings: adding authentication and additional keys will reduce direct threats. Configuration changes are necessary to regulate the format of the network usage and to check it on time for compliance with the current settings.
Indirect threats should remain Alliah’s focus when preparing to transition to a public type of organization. There are risks of wireless network use by customers not part of the company. Accordingly, it can be challenging to distinguish legitimate customers from intruders, which critically increases the risks of unauthorized information transmission among wireless channels (Patra & Mukherjee, 2021). Alliah should be concerned about how they plan to prepare and organize new network parameters to protect against indirect threats. Penetration by viruses or disclosure algorithms could be feasible because Alliah’s servers are located significantly from the headquarters.
Recommendations for Alliah as a Small Business
Alliah relies on legal features to protect wireless networks and the overall security of transmitted information. The Federal Information Security Modernization Act (FISMA) is significant, and its implementation needs to be strengthened to enhance the above indicators (Doherty, 2021g). The prevalence of wireless networks is one of the security risks, and hackers can use the capabilities of this network to steal intellectual property (Doherty, 2021d) or leak data (Doherty, 2021e).
Alliah can improve network security by improving encryption techniques (Rashid et al., 2021). As the company plans to go public, there is the question of the processes for creating the bonds and stocks the company will trade (Doherty, 2021f). Alliah must improve the security of its financial statements, which are transmitted over the wireless network.
Small businesses always face more threats than large and state-owned businesses. For Alliah, strengthening WLAN and mobile security can be accomplished as part of FISMA enforcement by restricting access to information. The organization can implement additional protocols to monitor security measures, namely service identifier protection (SSID).
The SSID should be changed to a unique code different from the default one and more challenging to remember and guess. In addition, Alliah should consider partnering with ISAO to enable cybersecurity data sharing. As part of the Cybersecurity Information Sharing Act (CISA), the organization should establish a hierarchical system of access to corporate data, thereby easing the number of people who can potentially leak information to the public.
Among other preventive measures, Alliah should consider controlling how software updates are used. The organization can maintain the WLAN’s security by updating the system in a timely manner and adhering to government standards established by the National Institute of Standards and Technology.
The organization can also customize how it stores information to avoid data leaks. As part of the Electronic Communications Protection Act, Alliah should update the systems responsible for storing corporate data and establish the order and frequency of auto-saving copies. The company will then have a better chance of avoiding negative consequences in the event of a crisis.
Data Leakage
Data leakage is a significant risk when using wireless networks because hackers can quickly introduce malware into the network encryption. Alliah should consider legislation regarding the notification of users of security breaches and establish a system to respond to such intrusions (Doherty, 2021). The company’s intellectual property, which includes its social networking site servers, may be subject to attacks and theft attempts (Doherty, 2021a).
Remote access to servers strains the WLAN at headquarters, despite having seven branch offices. The company plans to expand its workforce, so this number will not be enough to evenly distribute the load on the network and ensure secure connectivity (Vanjari et al., 2020). Alliah should draw up an information act on cybercrime laws and ensure that it is distributed to the appropriate individuals (Doherty, 2021c). It can provide moral and legal support so that employees can focus on strengthening the aspects specified in the law.
Restriction of Network Access to Non-Company Devices
Alliah should not permit staff to freely access the wireless network from devices that do not belong to the company or are not registered with it. A bring-your-own-device (BYOD) policy has certain advantages under the current state of the company (Barlette et al., 2021). As more people get involved in technology and business tasks increase, Alliah risks increasing the unauthorized sharing of corporate information.
Users’ own devices and the ability to add content to them (both personal and corporate) and then upload it to the public network pose threats to the company. Problems arising from such policies include the loss of devices and their subsequent hacking by others (Barlette et al., 2021). The company can never track whether it is just their employee working remotely or other users accessing the system (Doherty, 2021b). There are risks of subsequent data leakage due to staff malfeasance or other reasons related to migration to other systems.
Alliah must perform thorough audits on all devices with access to edit information in their product and make changes to network parameters. Changes to the wireless connection will be possible from almost any device because they will all have access to the corporate network (Barlette et al., 2021). Office wireless networks will always be under load because staff can use the devices for personal and business purposes. Increased access to the wireless network can lead to additional attacks from employee devices, as they may be able to make changes to corporate software. As a result, information leakage, corruption, and changes in transmission channels become critical consequences of following a BYOD policy.
Conclusion
Thus, Alliah should consider ways to improve wireless network security. These consist of a thorough analysis of the current state and assessing all possible security risks and threats. Alliah should examine the specifics of legal network security management and assess which aspects are lacking and need improvement. Recommendations include enhancing encryption technology, establishing a closed network, and strengthening the actual security of access points. Alliah should limit employee access from personal devices to reduce the strain on the network and reduce the risks of information leakage and miscommunication.
References
Barlette, Y., Jaouen, A., & Baillette, P. (2021). Bring Your Own Device (BYOD) as reversed IT adoption: Insights into managers’ coping strategies. International Journal of Information Management, 56.
Doherty, J. (2021a). Chapter 10. Intellectual property law. In Wireless and mobile device security. 2nd ed. Jones & Barlett Learning.
Doherty, J. (2021b). Chapter 11. The role of contracts. In Wireless and mobile device security. 2nd ed. Jones & Barlett Learning.
Doherty, J. (2021c). Chapter 12. Criminal law and tort law issues in cyberspace. In Wireless and mobile device security. 2nd ed. Jones & Barlett Learning.
Doherty, J. (2021d). Chapter 13. Information security governance. In Wireless and mobile device security. 2nd ed. Jones & Barlett Learning.
Doherty, J. (2021e). Chapter 6. WLAN and IP networking threat and vulnerability analysis. In Wireless and mobile device security. 2nd ed. Jones & Barlett Learning.
Doherty, J. (2021f). Chapter 7. Corporate information security and privacy regulation. In Wireless and mobile device security. 2nd ed. Jones & Barlett Learning.
Doherty, J. (2021g). Chapter 8. Federal government information security and privacy regulations. In Wireless and mobile device security. 2nd ed. Jones & Barlett Learning.
Doherty, J. (2021h). Chapter 9. State laws protecting citizen information and breach notification law. In Wireless and mobile device security. 2nd ed. Jones & Barlett Learning.
Patra, J. P., & Mukherjee, S. (2021). Wireless network security threats and best method to warn. Turkish Journal of Computer and Mathematics Education, 12(12), 4147-4155.
Rashid, N., Asif, A. L., Kamlesh, K., Shibin, D., & Munwar, A. (2021). Survey in wireless network security. Archives of Computational Methods of Engineering, 29(1).
Vanjari, J., Babu, G., & Bansode, R. S. (2020). A study on wireless network security. International Journal of Innovative Research in Computer and Communication Engineering, 8(12).