Strengthening Network Security for Alliah Company: WLAN and Mobile Vulnerabilities and Mitigation

by | Jan 15, 2024 | Computer science

 

SCENARIO
You are a network professional on the IT team at Alliah Company, a new but fast-growing social media provider. One year ago, Alliah launched a social media website aimed at young professionals. The company also released a mobile app for accessing the site from cellular devices. Alliah was able to launch its website with money generated by a crowd-funded campaign, but most of the funds were spent on the site and app development, with relatively little money (and time) devoted to the internal office network infrastructure.

Alliah has 35 full-time employees, all of whom have offices or shared work spaces in a three-story building that serves as the company headquarters. The building is an old warehouse that was converted for office use and is approximately 10,000 square feet. Currently, the employees occupy only two floors; the third floor is vacant and available for expansion.

The Alliah WLAN has a gigabit managed switch, a multiservice wireless LAN controller, and seven wireless access points strategically located to provide coverage to office staff. One access point services a large back patio area for employee use. The network is protected by a firewall. The Alliah website servers are located in a data center 100 miles from Alliah headquarters.

Five employees are account representatives who are on the road at least 80 percent of the time, and each rep has a company-issued laptop, tablet, and smartphone. They use a large, shared office in the headquarters building when they are not traveling.

Employees use company-owned computers that connect to the WLAN, and, in an effort to control costs during the launch, Alliah has a bring your own device (BYOD) policy.

The IT staff consists of five employees; three are devoted to website maintenance, one manages the headquarters’ computers and network, and another employee assists with the website and the office network. IT staff uses wired Ethernet connections to remotely access the website servers.

The Alliah website is successful, attracting more and more visitors each month. Jennifer, the CEO, anticipates hiring more employees and is considering a strategy that would take the company public within a few years. In preparation, she wants to ensure that Alliah’s wireless networking infrastructure is highly secure, especially because it may need to grow quickly in a short period of time, and she wants to understand the security risks the company faces. She also wants to decide if Alliah should continue allowing BYOD or restrict network access to company-owned devices only, or if a compromise solution is available.
A. Describe two WLAN vulnerabilities that present risks for Alliah, based on the details in the scenario.
B. Describe two mobile vulnerabilities that present risks for Alliah, based on the details in the scenario.
C. Summarize the steps for mitigating each identified WLAN and mobile vulnerability, including the specific tools or documentation that will be needed for mitigation.
D. Recommend preventive measures to maintain the security posture of WLAN and mobile environments in a small business, such as Alliah. Reference federal, state, or industry regulations that justify these measures.
E. Recommend a solution for the company’s BYOD approach, including research to justify your recommendation.
F. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
G. Demonstrate professional communication in the content and presentation of your submission.

Sample solution

Dante Alighieri played a critical role in the literature world through his poem Divine Comedy that was written in the 14th century. The poem contains Inferno, Purgatorio, and Paradiso. The Inferno is a description of the nine circles of torment that are found on the earth. It depicts the realms of the people that have gone against the spiritual values and who, instead, have chosen bestial appetite, violence, or fraud and malice. The nine circles of hell are limbo, lust, gluttony, greed and wrath. Others are heresy, violence, fraud, and treachery. The purpose of this paper is to examine the Dante’s Inferno in the perspective of its portrayal of God’s image and the justification of hell. 

In this epic poem, God is portrayed as a super being guilty of multiple weaknesses including being egotistic, unjust, and hypocritical. Dante, in this poem, depicts God as being more human than divine by challenging God’s omnipotence. Additionally, the manner in which Dante describes Hell is in full contradiction to the morals of God as written in the Bible. When god arranges Hell to flatter Himself, He commits egotism, a sin that is common among human beings (Cheney, 2016). The weakness is depicted in Limbo and on the Gate of Hell where, for instance, God sends those who do not worship Him to Hell. This implies that failure to worship Him is a sin.


This question has been answered

God is also depicted as lacking justice in His actions thus removing the godly image. The injustice is portrayed by the manner in which the sodomites and opportunists are treated. The opportunists are subjected to banner chasing in their lives after death followed by being stung by insects and maggots. They are known to having done neither good nor bad during their lifetimes and, therefore, justice could have demanded that they be granted a neutral punishment having lived a neutral life. The sodomites are also punished unfairly by God when Brunetto Lattini is condemned to hell despite being a good leader (Babor, T. F., McGovern, T., & Robaina, K. (2017). While he commited sodomy, God chooses to ignore all the other good deeds that Brunetto did.

Finally, God is also portrayed as being hypocritical in His actions, a sin that further diminishes His godliness and makes Him more human. A case in point is when God condemns the sin of egotism and goes ahead to commit it repeatedly. Proverbs 29:23 states that “arrogance will bring your downfall, but if you are humble, you will be respected.” When Slattery condemns Dante’s human state as being weak, doubtful, and limited, he is proving God’s hypocrisy because He is also human (Verdicchio, 2015). The actions of God in Hell as portrayed by Dante are inconsistent with the Biblical literature. Both Dante and God are prone to making mistakes, something common among human beings thus making God more human.

To wrap it up, Dante portrays God is more human since He commits the same sins that humans commit: egotism, hypocrisy, and injustice. Hell is justified as being a destination for victims of the mistakes committed by God. The Hell is presented as being a totally different place as compared to what is written about it in the Bible. As a result, reading through the text gives an image of God who is prone to the very mistakes common to humans thus ripping Him off His lofty status of divine and, instead, making Him a mere human. Whether or not Dante did it intentionally is subject to debate but one thing is clear in the poem: the misconstrued notion of God is revealed to future generations.

 

References

Babor, T. F., McGovern, T., & Robaina, K. (2017). Dante’s inferno: Seven deadly sins in scientific publishing and how to avoid them. Addiction Science: A Guide for the Perplexed, 267.

Cheney, L. D. G. (2016). Illustrations for Dante’s Inferno: A Comparative Study of Sandro Botticelli, Giovanni Stradano, and Federico Zuccaro. Cultural and Religious Studies4(8), 487.

Verdicchio, M. (2015). Irony and Desire in Dante’s” Inferno” 27. Italica, 285-297.

Sample Answer

Sample Answer

Title: Strengthening Network Security for Alliah Company: WLAN and Mobile Vulnerabilities and Mitigation

Introduction

In the fast-growing world of social media, Alliah Company has made its mark with a successful website and mobile app. However, the company’s internal network infrastructure has been neglected, leaving it vulnerable to potential security risks. This essay will explore two WLAN vulnerabilities and two mobile vulnerabilities that present risks for Alliah, and outline steps for mitigating each vulnerability. Additionally, preventive measures will be recommended to maintain the security posture of WLAN and mobile environments in a small business like Alliah. Finally, a solution for the company’s BYOD approach will be recommended, supported by relevant research.

A. WLAN Vulnerabilities and Risks

Insufficient WLAN Encryption: The Alliah WLAN may be using weak encryption protocols or no encryption at all, leaving the network susceptible to unauthorized access and data breaches. Without proper encryption, sensitive information transmitted over the network can be intercepted and exploited by malicious actors.

Inadequate Access Point Placement: The strategic placement of access points is crucial to ensure complete and reliable coverage throughout the office space. If access points are improperly placed or insufficient in number, dead zones may exist where network connectivity is weak or non-existent. This creates opportunities for attackers to exploit these weak spots for unauthorized access or to launch attacks on the network.

B. Mobile Vulnerabilities and Risks

Unsecured Wi-Fi Connections: When employees use their company-issued laptops, tablets, and smartphones on public Wi-Fi networks while traveling, they expose themselves to potential risks. Unsecured Wi-Fi connections can be exploited by attackers to intercept sensitive data, including login credentials or proprietary information stored on these devices.

Lack of Mobile Device Management: Alliah currently lacks a comprehensive mobile device management (MDM) solution to enforce security policies and manage company-owned devices remotely. Without proper MDM, the company is unable to ensure that devices are up-to-date with security patches, have strong passwords, or have necessary security features enabled. This increases the risk of data breaches or unauthorized access if a device is lost or stolen.

C. Mitigation Steps for WLAN and Mobile Vulnerabilities

Mitigating WLAN Vulnerabilities:

Implement Strong Encryption: Alliah should ensure that the WLAN is configured with the latest encryption standards, such as WPA3 or AES (Advanced Encryption Standard). This will protect data in transit and prevent unauthorized access.
Conduct Site Survey: A professional site survey should be conducted to assess the current placement of access points and identify any dead zones. Based on the findings, additional access points may need to be installed or existing ones repositioned to ensure complete coverage.

Mitigating Mobile Vulnerabilities:

Use VPN for Remote Connections: Alliah should require employees to use a virtual private network (VPN) when connecting to the company’s network remotely. This will encrypt all traffic between the device and the network, even when using public Wi-Fi, providing an additional layer of security.
Implement Mobile Device Management (MDM): Alliah should invest in a robust MDM solution that allows for centralized management of company-owned devices. MDM software can enforce security policies, remotely wipe or lock devices in case of loss or theft, and ensure devices are updated with the latest security patches.

D. Preventive Measures for WLAN and Mobile Security

To maintain the security posture of WLAN and mobile environments in a small business like Alliah, the following preventive measures should be implemented:

Regular Security Audits: Alliah should conduct routine security audits to identify vulnerabilities and weaknesses in their network infrastructure and mobile devices. This can help detect potential threats before they are exploited.

Employee Education: Ongoing employee training on best practices for network security and safe mobile device usage is essential. This includes educating employees about the risks associated with using unsecured Wi-Fi networks and promoting overall awareness of cybersecurity threats.

Compliance with Regulations: Alliah should adhere to federal, state, or industry regulations related to data protection and privacy, such as the General Data Protection Regulation (GDPR) or the Health Insurance Portability and Accountability Act (HIPAA). Compliance with these regulations not only helps protect customer data but also ensures legal and financial consequences are avoided.

E. BYOD Approach Solution

The BYOD approach can offer flexibility and cost savings for a company like Alliah; however, it also introduces additional security risks. To strike a balance between employee convenience and network security, a compromise solution is recommended:

Implement a “Bring Your Own Device” policy that requires employees’ personal devices to comply with certain security standards before connecting to the corporate network. This includes ensuring devices have up-to-date operating systems, strong passwords, and security features enabled (such as biometric authentication). Additionally, employees should install recommended security applications (e.g., antivirus software) and regularly update them.

Research suggests that implementing such a policy can significantly reduce security risks associated with BYOD while still allowing employees to use their preferred devices for work purposes (Source: Gartner Research).

Conclusion

By addressing WLAN vulnerabilities through encryption implementation and proper access point placement, as well as mitigating mobile vulnerabilities through VPN usage and MDM implementation, Alliah Company can significantly enhance its network security posture. Additionally, preventive measures such as regular security audits, employee education, and compliance with regulations will help maintain a secure environment. Lastly, adopting a compromise BYOD policy supported by research will strike a balance between employee convenience and network security. By implementing these recommendations, Alliah can ensure that its network infrastructure remains highly secure as it continues its growth trajectory in the social media industry.

References

Gartner Research: “Bring Your Own Device (BYOD) Security Best Practices,” retrieved from https://www.gartner.com/smarterwithgartner/bring-your-own-device-byod-security-best-practices/

 

 

This question has been answered.

Get Answer