3.6 Wireless Security Policy
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
2 hours 23 minutes
Hello and welcome back to I t. Security policy. Still continue in Module three, The wireless security policy with myself. Troy Lemaire here on Cyber ERI
But he's learning. Objective is gonna be general requirements,
the lab and isolated wireless device requirements and then home wireless device requirements.
So if we go into the policy itself,
we're gonna see that there's an overview. Talks about how
mass explosion of smartphones and tablets pervasive wires connected is a given it any organization in secure wireless configure generation can provide an easy to open door for malicious threat actors.
The purpose of the policy is to secure and protect the information assets owned by the company
and the company grants access to these resource is as a privilege and must manage them responsibly to maintain confidentiality, integrity and availability of all information assets.
The policy specifies king conditions that wireless infrastructure bison must satisfy to connect to the network.
If you look at the scope, all the employees, contractors and basically anybody that would be affiliated with the company,
um, that maintain a wireless infrastructure device must adhere to the policy, and the policy applies to all in protective devices that connect to the company's network are reside on a company's site.
If we get into the meat of the policy, the general requirements are wireless infrastructure devices that reside at a company site
and connect to a network or provide access to information classified as confidential or above must. And this is gonna be one of those sections where you're going to want to modify things if you need to remove something, or you need to add something as things change over time.
But basically you're gonna buy by standard specified
in the water communication standard. Be installed. Supported, maintained by approved support Team
used. Approved authentication protocols use. Approve encryption protocols.
Maintain a hardware at Mac address that could be registered in tracked, not a fear with wireless access deployment. Maine time maintained by other support organizations.
If we look at lab and isolated wireless device requirements, all lab wireless infrastructure device that provide access the company confidential are above must adhere to the above section
and the lab are isolated. Wireless devices that do not provide general connectivity to the company network must be isolated from the corporate networking, ply with lab security policy
and then not affair with wireless access deployment maintained by other support
We look at the home wireless device requirements. Wireless infrastructure devices that provide direct access to the comfort network must conform to the home wireless device requirements
and then the wireless infrastructure devices that failed conform to the home wireless must be installed, a manner that prohibits direct access to the corporate network.
That's where you would use something like a VPN or some type of remote access or something where they're not actually directly connecting into your network there. Segment it off to where there's no direct access.
So in summary today, we discussed the water security policy. The general requirements
talk about lab and isolated wireless device requirements and then the home wireless device requirements.
The wireless security policy Recap question the 1st 1 All wireless infrastructure devices must use approve authentication blank and blank,
and that would be protocols and infrastructure.
Largest infrastructure devices that feel conformed to the home wireless device requirements must be installed in a manner that blank
direct access to the corporate network,
and that would be prohibits access our direct access to the corporate network
in the next lecture. We're gonna look at Bluetooth policy still part of the network policies. I look forward to seeing you in that course.
Have any questions?
Contact me through cyber message username at Troy Lemaire and, as always, thank you for attending this cyber retraining.