WGU C844 EMERGING TECHNOLOGIES IN CYBERSECURITY

WGU C844 EMERGING TECHNOLOGIES IN CYBERSECURITY Performance Assessment GRP-1 Task 2 Table of Contents A. Wireless Local Area Network (WLAN) Vulnerabilities. 2 B. Mobile Device Vulnerabilities. 2 C. Steps for Mitigation. 3 D. Preventative Measures. 4 E. Recommended Solution for Bring Your Own Device (BYOD). 4 F. Cited Sources. 5 A. Wireless Local Area Network (WLAN) Vulnerabilities Within this section I will point specifically point out some of the potential Wireless Local Area Network (WLAN) vulnerabilities found during the initial review of the Alliah corporate headquarters. Even though these two vulnerabilities are the focus this WLAN Vulnerabilities section, a further, in-depth inspection and assessment may lead to others as well. Below are the two vulnerabilities that should be considered the first and foremost that should be considered to contain the most impact to the network infrastructure, corporate data, and employees and I recommend to address at the earliest stages. • The third floor is vacant for expansion, this space could easily house a rogue access point used for Man-in-the-Middle (MITM) attacks and data capture wherein “an attacker deploys an access point (AP) that has been configured to appear as part of an organization’s WLAN infrastructure” (NIST Special Publication 800-153, Guideline to Securing Wireless Local Area Networks (WLANs), 2012). If this unoccupied space is not secured, monitored, and inspected during both scheduled and unscheduled time periods a malicious actor could install and configure unknown wireless access points (WAP) for use as network/data monitoring and capture and to launch MITM attacks. • The patio area used by the employees could also be considered a vulnerability depending on the strength of the wireless network signal. Wireless sniffers can “sniff” out and find wireless networks and launch attacks and capture network traffic and corporate data. If the network signal extends into and past the boundaries of the Alliah external surroundings, mobile attackers using Wardriving and Warchalking techniques, “driving around office parks with attempting to connect to open access points” (NIST Special Publication 800-42 Guideline on Network Security Testing, 2003 and SP 800-115 Technical Guide to Information Security Testing and Assessment, 2008). This technique could be used to identify and access the Alliah network and also mark it for other potential malicious actors. While these above topics are but two examples, once again a thorough inspection of the Alliah headquarters and system security policies may provide additional vulnerabilities found that would need to be mitigated. B. Mobile Device Vulnerabilities 2 Within this section I will draw attention to two vulnerabilities associated with mobile device use within the Alliah corporation. In today’s society, the use of mobile devices are a wide-set phenomenon that allows users to perform productivity actions virtually anywhere. Tasks can be accomplished in areas that have and do not have network connectivity and afterwards, once connecting to a network, those tasks and task updates can simply be uploaded to corporate or cloud networks or emailed to the intended recipient or group. But with these abilities, also come risks that must be mitigated to prevent the loss/theft of equipment, data or both. • Loss or theft of mobile devices is a concern for all corporate members of Alliah, whether the device is corporately owned or privately owned since Alliah allows a BYOD policy. Mobile devices, as this name would indicate, provide a user to move around from one location to another with the device. This opens the possibility for the owner to lose or forget the device at any number of locations such as a local coffee shop or even within the within the confines of the Alliah corporate headquarters itself. The ability to transport and use the devices in public areas such as airports, coffee shops, hotel rooms and conferences also present the opportunity for possible theft of these devices. • Remote connections to the Alliah corporate resources are a concern as the company has five account representatives that are away from the corporate headquarters at least 80% of the time. All users that utilize a public Wi-Fi connection are placing the data on the device as well as while in transmission at a risk and could be easily captured, stolen, and redirected to another destination. C. Steps for Mitigation Having a plan to mitigate risks and their associated vulnerabilities is an essential process that the Alliah corporation must implement. Most risks cannot be completely eliminated but can be reduced through a risk mitigation plan, the level of exposure to the potential vulnerability can be lessened to a point of acceptability. “Organizations should conduct risk assessments to identify the threats against their WLANs” (NIST Special Publication 800-153 Guidelines for Securing Wireless Local Area Networks (WLANs), 2012). To assist with risk mitigation of the specified vulnerabilities found for the wireless local area network and mobile devices, I have listed some of the available options below for consideration. • For the unused vacant third floor of the Alliah corporate headquarters, security is a concern and should addressed through the use of various types of locks, key fobs for entry, closed circuit tv cameras, biometrics, and roaming security forces that will physically inspect the vacant areas. “Organizations with WLANs should conduct regular