With the ever increasing reliance on wireless networks there are more opportunities for risks to data by external forces trying to take advantage of the security weaknesses of a wireless network. There are many threats to wireless networks and many of these risks can cause damage to the organization’s and customers’ data. The first type of attack would include gaining access by going right into the network. Without the proper security measures an intruder could gain access to the wireless network by sniffing out the wireless signal and logging into the system which grants access to key data and business information. These types of attacks can be active or passive. The active attack is where the intruder is actively seeking out ways to intrude into the network and there is also passive ways for malicious entities to hinder a network. The active risks include direct access to an authorized network access, network hijacking, denial of service and flooding the network with unnecessary requests which limits the ability for the network to be used (Hayden, 2010). The passive attacks utilizes software programs to seek out unsecured or weakly secured networks and accesses them through the program to gain access and cause a disruption. These attacks can be limited and reduced with the appropriate network security measures such as password protection, encryption and other software and hardware security measures.
With data there are two different areas that require security measures and each are slightly different from one another. Here are the key differences and similarities between organizational data and customer data security needs.
Each area has its own area of similarity and differences. The security measures for each the internal and external users vary slightly based on location and whether or not they are within the firewall security of the organization. This access leads to the types of security measures required to secure the data.
There are many ways to ensure the organizational data is secured from internal and external threats. These threats can come in the form of malicious attacks or unintentional data leakage that could cause harm to the business. The data security is based on protecting the data and other assets from the risks of destructive forces or misappropriated use of the organization’s data. In order to ensure data security there are multiple methods of protection. The first area of protection is the utilization of an encryption method which denies the ability for an unauthorized source from viewing and using the data. This type of encryption normally resides on the hard drive or other storage area that the organization’s data resides. While this type of software encryption’s goal is to prevent malicious behavior there are still threats in the environment that would pose a risk to the data. As well as data encryption there is also data masking which is the process of masking or hiding the data to ensure sensitive or critical data is not present to a group that would be too broad in nature. This masking or securing of data could be limited to a specific group of people that would require specific credentials to access the data.
There are also hardware-based security measures that would thwart the risk of corruption, access or other malicious activity. These hardware based security measures are implemented through the use of security tokens. These tokens must be physically activated and present when logging into a secured system. This allows another point of security that protects the informational assets of the organization.
While there are varying ways to protect the data through software and hardware implementations there are other methods that allow for data security that are more process orientated. This includes establishing a periodic backup plan to secure and store the data so that progress would not be lost if the data is compromised and recovery is necessary. This is a critical component of the overall data security model. This is in essence saving the work the organization is producing so that the information derived from the data is not lost and negative ramifications are felt due to intrusion, corruption or other negative act on the data. Securing the data can be done through encryption, login protection, limiting access, hardware security measures and backing up data to preserve the integrity of the data and information.
Hayden, L. (2010). It security metrics. New York: McGraw Hill.