The most significant single cyber security vulnerability facing information technology managers today is the nature of wireless access points. A wireless access point is a device that enables wireless devices to connect to a wired network via WIFI and Bluetooth. The access point has been of immense advantage to organizations and other institutions, because it has reduced costs related to the purchase of many cables and connectivity. It has also ensured that there is a convenience in the use of the Internet within the organization through simple connectivity at different points of the organization. Wireless access points have also enabled users to roam easily from one coverage to the other, hence promoting their mobility and flexibility within the organization. Information technology managers perceive this network as the most significant vulnerability because of problems it could pose to the organization. Hackers have the capacity to read vital details relating to the organization by simply hacking into the communication and information systems of the organization using wireless access points. It is worthy to note that these networks are vulnerable because of weak security measures that exist to protect them. Unauthorized individuals are discovering new methods of interfering with wireless networks within organizations in order to access vital information within the organization. The wireless access point is also a vulnerability facing IT managers because some members of staff who could be unsatisfied with operations of the organization can easily compromise it internally. Members within the organization can compromise wireless access points internally through Rouge WLANS, accidental associations and insecure network configuration. Organizations can address potential impacts posed by the vulnerable wireless access points by installing security device, such as firewalls.
This essay explicates wireless access points as the most significant vulnerability facing IT managers today, its potential impacts and the manner in which organizations can address these impacts.
Description of the Vulnerability
Wireless access points enable individuals within the organization to share information via the internet, hence ensuring that operations are conducted in the quickest means possible. Notably, individuals are able to connect to wire networks using Bluetooth and WIFI. These networks have ensured that there is a convenience within most organizations as they are not required to buy many cables to facilitate the interconnection of computers. The most notable contribution of wireless networks is the speeding up of the process of communication within the organization. It is simple to install the wireless technology within the organization because of the less cables needed. The wireless access points existing within organizations give individuals the ability to roam from one coverage area to the other, hence, ensuring that there is flexibility and easier usability of the network. Despite the fact that wireless access points are a vulnerability to the organization, they are more preferred because of the perception that individuals can easily understand and use them at any instance. Unger (2003) asserts that wireless access points involving the use of WIFI usually have default configurations that must be accessed carefully by organizations before allowing Internet usability over a certain geographical area. The rampant technological developments all over the globe have necessitated the adoption of these networks in most parts.
The peer-peer and client to server are the two key topologies in wireless networks that can be configured within organizations. The peer-peer configuration is also called the ad hoc mode, and it involves Internet connectivity without using wires. It is simpler to install and understand, hence its wider usability in many parts of the globe. With peer-peer configurations, two or more devices within the organization are able to talk to each other without the involvement of an access point. On the other hand, the client to server configuration is also referred to as infrastructure networking, and it is identical to its wired counterpart except for that it does not use wires. Infrastructure networking is the most common wireless network that is used all over the globe in the conduction of different activities within organizations. Organizations continue to invest in these wireless networks because of its wider coverage and efficiency within the organization. Many organizations have continued with the process of adopting security measures in WLAN wireless connections in order to ensure that they are of more benefit than a liability to the organization. Research indicates that anyone in the neighboring geographical area with an open and encrypted wireless network has the capacity to access and record internal conversations between different employees within the organization. Organizations all over the globe perceive wireless networks more effective and have continuously modified them at each instance. Many risks relating to the use of wireless networks have continued to rise, as its usability increases in different parts of the globe. Risks continue to increase as organizations look for remedies to risks facing the use of wireless access points in the conduct of operations.
Reasons why Wireless Access Point is the most Important
The first key reason why the wireless access point is the most significant vulnerability facing IT managers is that employees can easily compromise it internally. Employees who may not be impressed by activities of the organization can easily compromise a wireless access point, hence affecting the overall internal operations. More so, the wireless access point is the most crucial vulnerability because employees may use it for selfish interests and gains outside the organization. Employees can easily compromise the wireless access point through setting up rouge access points, accidental associations, insecure network configurations and social engineering. Rogue access points are brought about in cases where an employee decides to hook up an access point without the knowledge of the IT manager within the organization. It is achieved through plugging an access point or a wireless router into the existing live LAN jack. It could also be achieved through the addition of an Access Point through the social engineering. Insecure network configurations occur due to the misconfiguration of some devices and technologies, such as firewalls, routers and VPNs. This ensures that all the security details are lost and individuals access all the information in a free manner. According to Ross (2008), accidental associations happen in cases where the wireless network is set up using a similar SSID, as the network within the range of the geographical coverage. These internal accidental associations can compromise wireless connections by ensuring that passwords and other security details put in place are affected. Social engineering is also a worse attack that could affect wireless network. It could lead to the exposure of significant information that is not supposed to be seen by unauthorized individuals. These internal risks have made the wireless access point the most significant vulnerability that most IT managers are exposed to. It is difficult to discover some of these internal threats at their earlier stages, hence, compromising effective operation using wireless networks.
Another significant reason why wireless access point is the most significant vulnerability is that it can be easily exploited by crackers. It is vital to note that crackers have easily discovered the loopholes existing in wireless networks and have taken advantage of this. They have found wireless access points the simplest means of accessing vital information that is used within organizations. This is an external indication of the fact that the wireless access point is the most vulnerable place within organizations’ communication systems and access to online data. Wireless technologies that are used to crack into wireless access points have been developed by hackers who are always aimed at ensuring that they interfere with the operation of the organization. Additionally, a wireless access point is the most significant vulnerability because of the manner in which it continues to be manipulated by hackers from outside the organization. The access of Internet through wireless access points is perceived to even reach individuals using laptops and even computers within the neighborhood. Hackers have been able to discover passwords and other configurations that are used in wireless access points, hence, continuous exploitation. This makes wireless access points the most important vulnerability within organizations. Information technology managers have tried employing security measures in dealing with crackers, but it looks impossible, as they adopt newer methods of accessing organizational information. In fact, wireless application networks have continued being vulnerable as many organizations and individuals continue using them in the satisfaction of different activities without putting into consideration the fact that other individuals could be accessing the information.
Impact of Vulnerability on Organizations
The high vulnerability of wireless access points has had immense impacts on organizations. These impacts include loss of vital information to competitive organizations, loss of property in organizations through crime and reduction in the profitability of organizations.
Organizations have lost most of their vital information to competitors due to the vulnerability of the wireless access points. Most organizations post vital information relating to their business operations and methods of production over Internet. In addition, different departments within organizations share significant information relating to the organization via wireless access points. Hackers have always accessed this information and shared with key competitors of the organization. The loss of vital information to key competitors has made it impossible for organizations to utilize all their business opportunities. This is because they find some of the business opportunities already take over by competitors who access information through hacking and other unorthodox means. The continued loss of opportunities within organizations has immensely contributed to inefficiencies and has made it difficult for organizations to survive in times of economic problems. Staff (2002) affirms that organizations have also lost vital information, hence, making it difficult for them to achieve their set objectives at any instance. This has also retarded the speed at which activities have continued being conducted within organizations.
Another vital impact brought about by the vulnerability of wireless access point is increased crimes within organizations. Organizations have been exposed to criminals due to the vulnerability of wireless access points. Most individuals intending to commit criminal offences have taken advantage of loopholes that exist in wireless access points within organizations. Criminals have been able to spy on entire operations of the organization, hence, setting up easier methods of stealing vital property owned by the business. Criminals have also been able to align themselves and organize criminal activities through the continuous monitoring of organization activities through wireless access points. Loopholes existing in wireless access points have also ensured that fraud activities escalate, as some of the employees take advantage of operations of the business. Fraudsters have also taken advantage of this vulnerability to benefit their self-interests. For instance, some of the monetary transactions of the business involving communication over Internet have been lost in hands of fraudsters who take advantage of this inefficiency. This has led to the continued reduction in business activities and the closure of most businesses. Therefore, the loss of business property and financial resource is one of the key impacts that have emanated from wireless access points as vulnerabilities facing IT managers.
Lastly, most organizations have continued incurring business losses due to the vulnerability of wireless access points. Markets have been flooded with commodities that are similar to those produced organizations using wireless access points. This is because of the continued monitoring of their business transactions and their target customers within the external environment. Businesses have found it hard to continue holding a competitive advantage over others because of the vulnerability of wireless Internet access points. The business losses that arise from the exposure of business customers and target market lead to a decline in the performance of organizations. This is likely to lead to continued inefficiencies in organizational operations, as there would be a reduction in revenues. Earnings available to the business would also have to decline as business details, and modes of operations are exposed to other individuals with malicious effects. The profitability of businesses will decline as they continue to miss market opportunities.
Address of these Impacts
Most wireless networks are configured with default out-of-the box settings, which make them insecure to the organization. The first step to improving the wireless security is changing the default password. This original password comes with the network settings and could be guessed by any user. A password is a secret code only known to the administrator in-charge of the information. Ross (2003) asserts that the password should be long and include different features such as letters, numbers or symbols that should be remembered by authorized users. Before the wireless network can be accessed and used by outsiders, they need the password to be able to connect to Internet. Cybers are the most vulnerable places for network hacking, as most of the computer literate customers can easily hack into the system. Public networks, which cover a wider area such as town, are at the risk of being hacked by every individual including those with tethering enabled phones. To enhance more security, the institution should have a general password that is given to different users and a private password that can close the network even to authorized users. This should be done in instances where the cyber operates within limits. Passwords could also be used to protect certain sites that are considered immoral or are against ethics of the organization. It could also be used to ensure that employees stick to the goals of the business, as opposed to their personal interests. The organization should ensure they change passwords regularly to minimize risks of disclosure by employees to outsiders. The password should not be too long and complex for administrators to remember, this ensures that organization’s operations are not disrupted.
The network identification can also be set by the organization to prevent unauthorized users from accessing the network. It is a seven-digit figure that consists of both alphabets and numeric values set on the access point. It works by transmitting an identity that is associated with the network. This identification could be either open or closed. If open, any user can connect to the access point and use the network without the proper authority. In a closed mode, only authorized individuals can access the network. The organization has its initial identification as the name of the organization and it will show its identification while advertising its products. This makes it easier for hackers to access the network. To ensure the maximum security, the organization should change the default identification to one that is secret to officials, set the mode to be closed to ensure that only authorized people are able to access the network. They should then set the access not to broadcast the identification. Identification numbers should be easy to remember and not easily hacked. The administration must ensure that the identification is changed regularly to avoid the spread of the number to friends by authorities. In most cases, this identification should be different from that used to access protected sites in the network. In case of institutions, this identification should be made public, as students may be too many. However, they should be limited in sites they can access.
Wired equivalency protocol and Wi-Fi protected access protocols can be set by the organization. The encryption keys should be made private to administrators. These protocols encrypt data sent from the access point to the users. These protocols can be enabled at two levels depending on the level of security needed. Flickenger & Weeks (2005) observe that this could be the 42-bit or 128-bit. For users to access the network, one or more keys must match with the ones configured in the access point. The higher the bit protocol, the higher the security, the protocol key should also have many characters to minimize the risk of hacking and guessing. The organization can also use a media access code given to all authorized employees and clients. It determines the clients that can connect to the network depending on the media access codes. It is an address that is hard-coded and identifies the individual address on a network interface card. This address is different from the IP address, because it is static and does not change even when the card is not in the computer. Therefore, it intensifies the security of the organization’s wireless network.
The nature of wireless access points is the most significant single cyber security vulnerability facing information technology managers. A wireless access point is a device that enables wireless devices to connect to a wired network via WIFI and Bluetooth. Organizations all over the globe have continued using wireless networks due to numerous advantages they bear and their ease of installation. It has also ensured that there is convenience in the use of Internet within the organization through a simple connectivity at different points of the organization. Wireless access points have also enabled users to roam easily from one coverage to the other, hence, promoting their mobility and flexibility within the organization. Information technology managers perceive this network as the most significant vulnerability because of problems it could pose to the organization. Wireless access points are the most vulnerable, because hackers have the capacity to read vital details relating to the organization by simply hacking into communication and information systems of the organization using wireless access points. It is worthy to note that these networks are vulnerable because of weak security measures that exist to protect them. Unauthorized individuals are discovering new methods of interfering with wireless networks within organizations, in order to access vital information within the organization. More so, members within the organization can compromise wireless access points internally through Rouge WLANS, accidental associations and insecure network configuration. The vulnerable wireless access points have led to the loss of business profits; they have also increased the rate of business crimes, and led to a reduction the profitability of businesses. Organizations can address the potential impacts posed by the vulnerable wireless access points by installing security device, such as firewalls. They should also change the default passwords that come with such wireless Internet connections