objective is to secure and protect the
company’s wireless network and the assets
within its network .
The Wireless Local Area Network Security
Policy applies to all uses and information contained on the network and the
people who are users of the
network. The company
grants access to these resources according to an individual’s role and must
managed to maintain the
confidentiality, integrity, and availability of all information assets. This policy is meant to ensure that the
deployment and use of the company’s
wireless local area network is controlled and
managed in a centralized manner to provide high levels of services whilst
maintaining network security. Only those wireless enabled devices that meet the
standards specified in this document are
approved for connection to the company’s wireless network.
network policy applies to all areas of wireless connectivity to the Company’s wireless network , and includes all wireless enabled devices like laptops , desktops
,mobile phones , tablets and any form of wireless
communication device capable of transmitting packet data operating
within the Company’s IP address range. All employees ,visitors and any other person connected to
the company’s wireless network must adhere to this Policy . Any form of connection to this network ,
whether from within the premises of the company or directly from a remote location
, must adhere to this policy. In the event that any provision of this
Policy is found to be inconsistent with the provisions of a collective
agreement, the collective agreement will prevail.
Department Of Information Technology Must ensure :-
Wireless Network Access Points must be registered and approved by the company’s Department of Information
wireless LAN hardware implementations shall utilize Wi-Fi certified devices
that are configured to use the latest security features available.
mechanisms should be put in place to prevent the misuse of Wireless Network Access Points .
wireless access points that connect a user to the Local Area Network shall require users to provide unique
authentication over secure channels and all data transmitted shall be encrypted
with an approved encryption technology.
The wireless network security meet the
Users will connect to the WLAN via Access Points, which will
provide the 802.11a/b/g/n connection standard for the client devices.
Encryption: The wireless networks will utilise AES (Advanced
Encryption Standard) level of encryption
Authentication: The authentication protocol selected used is
Protected EAP (PEAP). PEAP is an 802.1X authentication type for wireless
RISK ASSESMENT OF WIRELESS NETWORK
assessment is a process in which the risk is analyzed and explained. The basic
goal of the risk assessment is to control the risk in acceptability.
There are potential threats that attack
the wireless network system vulnerabilities.
The threats have adverse impacts on an organization and its business operations. Some of the
security risks of wireless networks include
Monitoring attacks: intercepting aerial signal to obtain information
concerned by analysis.
Interpolation attacks: counterfeiting legal user, accessing
system by using wireless channel and obtaining right of system control.
Unauthorized information service: user
can share systematic information resources under unauthorization.
The robustness of network: endurance of
network against local destruction or single equipment damage.
Mobile IP security: information security
problems of management and user in the case of user terminal moving locally or
ranging trans regionally.
Wireless interference: disturbing the
routine work of wireless channel by transmitting big power signals with the
AUDITING , MONITORING AND ENFORCEMENT OF SECURITY POLICY
The department of Information Technology
should monitor all traffic logs for all wireless network devices and systems
for auditing purposes.
The department of ICT should perform
penetration testing to all the Company’s
wireless devices in order to
determine the risks associated for protection of Company’s assets.
Assisting anybody to circumvent the
administrative access to the Company’s wireless network is a violation to this
policy and relevant action shall be
Attempting to circumvent the
administrative access to the wireless network is a violation to this policy
and relevant action shall be taken.
Any device found to be in violation of
this policy , or found to be causing
problems to the wireless network is subject to immediate disconnection
to the network.
Any employee found to have violated this
policy may be subject to disciplinary action up to and including termination of