Free Essay

Wireless Network Security

In:

Submitted By reisb
Words 1614
Pages 7
Reis Barrie
Research Paper
CNT4514
Wireless Vulnerabilities

The world of wireless networks as we all know is one of the most rapidly growing areas in our world today. With the massive amount of data that is going on, “the cloud” the security of all of our data is questioned. As well with so many of our day to day tasks relying on our wireless capabilities it make you wonder how safe is it to rely so heavily on something. We have to ask the questions what are the key vulnerabilities of wireless networks and even just of networks in general. Different types of networks have different levels of safety and it is a good idea to know not only which are safe but the vulnerabilities of said networks to keep our information out of the wrong hands and keep our day to day life moving as smoothly as possible. Unlike wired LANs the wireless LAN users are not restricted to the physical area of a wired system. While this may feel beneficial to the user it is also very beneficial to sniffing and eavesdroppers who are listening to the radio waves that are broadcasted through the air. Intercepting these packets they can pick up messages that may contain sensitive information. Seeing how the range of a wireless LAN can extend beyond the building the eavesdroppers don’t even need to be inside the building. A simple thing you can do is open up your wireless adapter on your computer and see how many open wireless networks are around you. From my house I currently have 4 open wireless networks that I can connect to and if I had the correct skill set could be intercepting messages being transmitted over the wireless LAN. As well using a program such as insider Home you can see how many time someone has tried to connect to your network and attempted to join your network to possibly try to obtain sensitive information. As another example while I was visiting my parents in late March I decided to do a little test. I walked through the mall with my phone to see just how many open networks I could find from the stores around me. I was shocked to see that the mall which is fairly small and consisted of over 100 stores I stopped counting when I got to 42 open networks, as well for the stores with a closed network I tried the name of the store and I connected to 6 stores with a closed network simply by trying 1 time to break the password. Now all of these stores are in serious danger someone with the right skill set and a bad motive. All of the stores have the very real potential to have sensitive data breached and let loose into the wrong hands. Moving on, denial of service attacks or DDoS attacks are increasingly popular and for me the type of harassment that I have seen the most and have the most experience with. The denial of service attacks at the most basic definition flood your IP with so much “noise” that the legitimate packets can’t reach the final destination. Now the thing about this attack is that the attack does not need access to your wireless LAN, it can be done simply with an IP address. The DDOS attack effectively shut down the wireless network until the attacker stops the attack. Now it is good to note that not all interference is from attacks just because your service slows down, it could be from many other household things such as a 2.4 GHz cordless phone or a microwave. DDoS can attack many different things, for instance if a website is DDoS’ed then it won’t load for people that are wishing to look at the site. If you are to DDoS a network itself it can cause bandwidth saturation to the point that the network in unusable and it causes and outage. You can DDoS a server that is hosting something say, an online video game server could be DDoS’ed and the game would not be accessible until the attacker stopped. Recently DDoS attacks have been very popular because of how easy they are to execute and many companies have been the victim of these attacks. Late 2014 we saw many DDoS attacks that effected many people on a large scale scene, where normally these attacks would go untold last year a group decide to DDoS PlayStation networks causing the PlayStation online network to go off and on for about a week straight. As well as PlayStation we the same group hit another gaming community named Blizzard and launched many DDoS attacks taking down their online gaming servers for hours at a time over the period of a few days. The group that took responsibility was called LizardSquad, they have also been known to target a website called KrebsonSecurity[dot]com. On KrebsonSecurty they have proof of people from the LizardSquad organization trying to find new “hackers” which is a debatable term for someone that DDoS’s considering DDoS’ing requires virtually no skill, and asking for them applicants to take down one of two sites. If they could accomplish this task then they could join the LizardSquad group of “hackers” or as KrebsonSecurity calls them, “a gaggle of young misfits that has long tried to silence this web site.” Another example of DDoS is a more drastic when the hacktivist anonymous used DDoS attacks in 2006 and 2007 to cost Hal Turner and his radio show that some considered to be politically incorrect thousands of dollars in bandwidth bills that his radio show eventually went under. Hal Turner eventually attempted to sue the hacking group but the suit was soon dropped by the courts. Another growing section of wireless technologies is Bluetooth. Every day a new Bluetooth device is released, these devices are security nightmares for the most part. Bluetooth has been proves to have significant security vulnerabilities that include, “unauthorized access, information disclosure, remote eavesdropping, device manipulation and full compromise” according to the SANS technology institute. As well they add saying, “While many organizations disregard Bluetooth threats, thinking the technology is limited to short-range communication, the reality is that tests have shown it is possible for an attacker to communicate to a short-range Bluetooth device from over a mile away!” Now this means that a potential threat can easily upload malware to a phone that then sends all sorts of sensitive information such as contacts, calendar information, or note files. Adding to that Bluetooth networks are an ad-hoc network meaning that you generally don’t notices the amount of Bluetooth activity taking place. Rogue access points, what are they? Well a rogue access point is exactly what it sounds like, a malicious individual attempting to gain access to a network creates an access point that adopts the SSID of another network in order to attempt to gain access to that network by making the network believe that it is a legitimate part of the network. From the Cisco Press website which is a network related news site they said, “In August 2001, Gartner Group reported that at least 20 percent of enterprises already have rogue WLANs attached to their corporate networks from authorized network users. Thus, risk-adverse organizations that consciously decide to delay WLAN deployment because of the security risks need to monitor their airspace to ensure that rogue WLANs do not inadvertently open a door for intruders.” By installing an unauthorized access point you greatly increase the opportunity for a hacker to gain much easier access to your company’s personal files or for that matter anything else connected to the company’s network. One of the main defense against this is properly configuring the networks client system, it is extremely important to change all the default settings. For example, I know from experience that the default login for a router is usually admin/admin and using this I can gain access to all of the router settings including changing the login information. If these are left unchanged, they are very well known and very exploitable by hackers. It is also a good idea to change the password often and actively monitor the settings to see if something has changed because of a possible breech. As well using an 802.1x authentication system is important it is very difficult to get rogue access points through the 802.1x authentication. In conclusion we can see that while the work of wireless technologies is massively growing as well is the opportunity for cyber criminals to become more effective at taking sensitive information from innocent people. People need to take it upon themselves to either understand the way their systems work and how to properly secure them, or find someone(maybe someone from this class in the future) to help them setup a secure network in order to conduct their business on as safe as possible. The more we move into this wireless age the more danger that will always be around the corner, which just means the more we need to as a community understand our technology and not put ourselves or our companies in a vulnerable situation.

References
"Denial of Service Attacks." DoS or DDoS Attacks: What's the Difference? N.p., n.d. Web. 1 Apr. 2015.

Singhal, Sandeep. "Top 10 Vulnerabilities in Today's Wi-Fi Networks." Computerworld. N.p., 15 July 2002. Web. 1 Apr. 2015.

Thomas, Thomas M. "Wireless Security." Wireless Threats. Cisco Press, 27 June 2013. Web. 12 Apr. 2015.

Wright, Joshua. "Security Laboratory." Five Wireless Threats You May Not Know. N.p., n.d. Web. 3 Apr. 2015.

Similar Documents

Premium Essay

Wireless Networks & Network Security

...Wireless Networks & Network Security ISSC 340 Professor Vijay Venkatesh James Lange 08/13/2013 Wireless Networks are somewhat new technology in comparison to the know-how that makes them possible. The knowledge regarding wireless technology goes back about 200 years. One of the first individuals deserving recognition for today’s wireless networks is a scientist, inventor and politician named Benjamin Franklin. In 1747 he had built a model that showed how electricity could move through the air unaided by any type of wiring. In the early 1750’s Mr. Franklin started experimenting with electricity and the rest is history. Franklin was under the belief that lightening was an electrical current. So with the famous kite and key experiment he proved to himself and others that he was right. His fascination with electricity led him to later experiments with an electrical tube given to him by a friend. A second individual that played a part in today’s wireless technology is Hans Christian Oersted. In 1819 he had found that a compass needle had movement if it was presented with electrical current. This relationship between the needle and the electricity is an essential part of electromagnetism. It is said that this discovery by Oersted happened completely by chance. While preparing for one of his lectures he was setting up some of his equipment. The compass and battery were in close proximity to each other and the needle moved from magnetic north whenever the switch to the...

Words: 3213 - Pages: 13

Free Essay

Recommendations for Wireless Network Security Policy

...RECOMMENDATIONS FOR WIRELESS NETWORK SECURITY POLICY Introduction One of the newer technologies being increasingly used in today's business is that of wireless networks. While this technology has the advantages of providing greater user mobility and temporary access, it does have the disadvantage of an intrinsic lack of security. SECURITY THREATS There are a number of types of attack that wireless LANs are vulnerable to, based on different aspects of their operation and configuration. These include. i. Broadcast medium Wireless is a broadcast medium, where there is no way to control where the information is sent and who therefore has access to it. If an access point is set up and used in its default Configuration, then the user of such a system is vulnerable to attack, because anyone running sniffer software can see and capture everything that a user does across that network... ii. WEP Vulnerabilities. There were two problems with the original WEP encryption system. Firstly, the shared key system requires the use of the WEP key to verify a user attempting to connect to the wireless network. The second was the actual implementation of the encryption system itself. iii. Denial of Service This type of attack can be perpetrated by a jamming attack which can be either intentional attack which is one in which the attacker broadcasts a very high-power signal at the same frequency that the wireless network is operating on, causing interference to the network or unintentional...

Words: 906 - Pages: 4

Free Essay

Protecting Wireless Devices and Enhancing Security in a Wireless Network

...In this ever changing world, wireless communications has become a major platform for communications at work and at home. With popular mediums (Cell phones, PDA’s, Gameboys, Wii, Netbooks, iPods, etc…) like wireless devices, there are many advantages and disadvantages in operating wirelessly. No matter how you feel about the advantages or disadvantages of the devices, they need to be protected, along with setting up some form of security. On the website Howstufworksvideo (12) they show you the basics on how to setup home Network Security. You can go there can see how it is done. Just a few years ago, (25 Sep 07) there were some so-called experts saying that there was no need to secure your wireless system. In an article, David Ramel alleges that the importance of wireless security is overhyped, that it's now trivial to secure wireless nets and that IT pros have far more serious security concerns they should be addressing -- while home users have little to lose even in the remote chance someone tries to breach their network. (3) This person was obviously living in a sheltered environment because identity theft and credit card theft was out of control then. Now he is saying don’t worry about protecting your network and to just hold on to your wallet; basically. Either he was very innocent or totally clueless and is eating humble pie about now. Here are a few disadvantages. A limited spectrum, war driving, interfering signals can be generated by other devices in the...

Words: 2804 - Pages: 12

Free Essay

Wireless Network Security

...Wireless Network Security Wireless networks in personal homes are becoming more and more popular. With the ease of using no wires and the signal being broadcasted throughout the house, the new printers coming out that are network ready, and along with the new gaming systems like Playstation 3 and Xbox 360 all have wireless network settings. A wireless network is the most vulnerable network out if the precautions of taking time to set up the security properly. Everyone saves personal important information on their computer systems. When there is a wireless network with the settings not set right the computer system is fair game for any, who would like to look at information stored on the computer system. Viruses are not the only thing to protect against. Outsiders or even a neighbor can easily get into a computer’s information though a wireless network. Identity theft can even get implemented with wireless security, if you have a lot of personal information. Credit card information and bank account information can all be stolen from the system and then used for evil. Not only are personal homes affected, but businesses can be too. WarDriving is a big fad among the computer ‘hackers.’ WarDriving came from the movie “WarGames” staring Matthew Broderick. In the movie he did what was called “wardialing”. Wardialing is to keep dialing numbers that would access a computer system’s modem until you find a modem and gain access. WarDriving is where someone can drive around in a vehicle...

Words: 3576 - Pages: 15

Free Essay

Hybrid Security Approach for Nodes Authentication in Wireless Sensor Network Using Cellular Automata

... . . . . . . . . . . . Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 3 3 4 4 4 5 6 7 7 8 8 9 . . . . . . . . . . . . . . . . . . . 10 2 Introduction 3 Wireless Sensor Network 3.1 The Basics of WSN . . . . . . . . . . . . . . . . . . . . . . . . . . 3.1.1 3.1.2 3.1.3 3.2 3.3 3.4 Components of Sensor Nodes . . . . . . . . . . . . . . . . Key Features . . . . . . . . . . . . . . . . . . . . . . . . . Types of Sensor nodes . . . . . . . . . . . . . . . . . . . . Constraints in WSNs . . . . . . . . . . . . . . . . . . . . . . . . . Applications of WSN . . . . . . . . . . . . . . . . . . . . . . . . . Security Threats in WSN . . . . . . . . . . . . . . . . . . . . . . 4 Cellular Automata 4.1 Reversible Cellular Automata 5 Deployment issues in WSN with specific focus on authentication 5.1 5.2 Authentication of Cluster Head and Base Station . . . . . . . . . Authentication of Nodes . . . . . . . . . . . . . . . . . . . . . . . 12 13 13 14 15 15 15 16 6 Schemes as well as Supporting claims 6.1 6.2 6.3 Cloning attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . Replay Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Man-in-the-middle . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Conclusion List of Figures 1 2 3 4 5 Wireless sensor Network . . . . . . . . . . . . . . . . . . . . . . . Components of Sensor Nodes . . . . . . . . . . . . . . . . . . . . WSN with three types of sensor nodes . . . . . . . . . . . . . . . Elementary...

Words: 4368 - Pages: 18

Free Essay

Wireless

...TERM PAPER Wireless LAN Security Enabling and Protecting the Enterprise INSIDE INSIDE ∆ Wireless LAN Technology ∆ ∆ ∆ Benefits of Wireless LANs Security Risks and Technical Challenges Recommendations WIRELESS LAN SECURITY Contents Executive Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Wireless LAN Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Benefits of Wireless LANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Simplified Implementation and Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Extended Reach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Increased Worker Mobility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Reduced Total Cost of Ownership and Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Security Risks and Technical Challenges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 “Leaky” Buildings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Unapproved Deployments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Exposure of Wireless Devices . . . . . . . . . . . . . . . ....

Words: 2559 - Pages: 11

Premium Essay

Wireless Security Policy

...Wireless security policy for a medium-sized banking organization using the following structure: Wireless Security Policy - A wireless policy for a medium-sized banking organization will needed to deploy a wireless LAN to the network and there will not need an onsite IT. The remote can be manage by a standalone intelligent access point which will integrated the wireless LAN by streamline the configuration and management the system. The Network infrastructure wills us a Cisco system for Layer 2 and 3 switching, routing platforms, and voice over IP (VoIP) along with a security management. The Cisco Integrated Services Router will give all data a robust excellence quality for service, VPN, firewall, network security, and encryption for all medium sized origination with an intrusion detection that will address the business needed. To extend the value of the wireless LAN you can use a Cisco Wireless LAN Controller Module for the environments of a medium size origination. The mobility services that are enables by the robust which will include a guest network voice by the WLAN and location tracking. The Cisco 2800 or 3800 Series Integrated Services Router will give the medium size business faster upgrades with a streamline management and a greater reliability. It’s also have a backbone for infrastructure and deploy is cost effectively along with a secure WLANs management. This will give the medium size origination the greatest wireless system secure for the enterprise. Centralized...

Words: 467 - Pages: 2

Premium Essay

Wireless Computer Research

...Meraki White Paper: Wire ess LAN Security Version 1.0, March 2009 Robust security is a requirement for many companies deploying a wireless network. However, creating a secure wireless network has often been difficult and time-consuming. This paper describes the security requirements for most companies and how Meraki can help them meet those challenges easily and at a low cost. Copyright © 2009 Meraki, Inc. All rights reserved. Trademarks Meraki® is a registered trademark of Meraki, Inc. www.meraki.com 660 Alabama St. San Francisco, California 94110 Phone: +1 415 632 5800 Fax: +1 415 632 5899 Table of Contents ( The Need For Sec rit" ###################################################################################################################### + ) What Doesn$t Work ######################################################################################################################### , * Recommended Sec rit" Architect res #############################################################################################- )!' Open with VPN !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! , )!( Shared Ke #WPA("PSK$ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - )!) User Authentication #WPA("Enterprise$ !!!!!!!!!!!!...

Words: 2275 - Pages: 10

Premium Essay

Itm425: Introduction to Computing

...Computer hardware is no longer a major barrier to wide use of wireless information systems. Wireless technology is evolving and becoming the preferred choice for connecting hardware and transferring information. Employing a wireless system allows corporations, like cruise ships, to provide a wireless service to its passengers without comprising information security. Without wireless technology this service would be impossible. To set up a basic wireless network, you will need a network card/adapter, a wireless router, and access points. The network card is the most important hardware component of wireless networking. The wireless router and access points are used to increase performance, accommodate more computers, and increase the network’s range. Network adapters are used to interface a computer to a network. They can be found as a traditional PCI card, PC Card adapter, USB adapter, media adapter, or an integrated wireless adapter chip. A wireless router allows multiple devices to access one internet connection. Through radio frequencies, data is transferred between devices connected to the network. Access points serve as the central receiver and transmitter of these radio frequencies. Other factors to consider when setting up a wireless network are compatibility, expenses, limitations due to distance and building structure, and Wi-Fi network security. Wireless network technology, also referred to as WLANs, uses an industry standard known as IEEE 802.11 that...

Words: 1299 - Pages: 6

Premium Essay

Test

...Degree Master of Science in Information Security Assurance January 9, 2014 1 SECURING WI-FI ROGUE ACESS WITHIN AN ENTERPRISE SETTING 2 A1 - Abstract Since 1999 wireless devices have become a necessity in enterprises. While increasing convenience, connectivity, and productivity, they also pose an unprecedented threat to network security guarding, which has literally taken to the airwaves. This paper will deal with vulnerabilities and risks regarding access points (APs) in a wireless network (WLAN) connecting to a wired local area network (LAN) in enterprises. Data for this paper will come from published academic papers, industry publications including white papers and surveys, and industry specialists. It will also include definitions of terms, policy and procedures that affect access points, and current practices regarding rogue APs. A case study will be presented for a fictional enterprise with multiple locations that has standard procedures, policies, and protocols in place, but recent events have questioned their ability to control access points with the discovery of rogue devices hidden in several office locations. Industry warnings about access points span the past thirteen years, and still new articles appear saying similar warnings, with only the solutions evolving with the technology. Suggested solutions will include security literacy regarding APs and their devices and their compliance; security audits to re-evaluate configurations of current...

Words: 18577 - Pages: 75

Free Essay

Wireless Communications

...Wireless Communications Paper Wireless communication involves the transmission of data from one point to another without the need to run cabling in-between. Although it seems relatively new to the end user today, it has surprisingly been around for longer than you may think dating back to the late 1800’s. The first wireless technology discovered was the Radio Frequency (RF signal). Thomas Edison and Nikola Tesla were two inventors that played a huge role in developing the RF technology we still use today. By conducting many experiments using wireless technology they together came up with the RF signal that was first implemented in WWII by the US Military. It wasn’t until the 1970s’ that the first ‘wireless network’ was developed called ALOHAnet. This new wireless network was made to communicate from island to island is Hawaii. Using LAN technologies and a 400 MHz frequency band ALOHAnet was the predecessor of many wireless technologies to come. Today we have many wireless technologies that are used for many different types of services. If you’ve used Bluetooth technology then you’ve used a Personal Area Network (PAN). A PAN network is intended for short ranges and typically controlled and used by a single person. If you’ve connected to the internet at work, a coffee shop, work, or at school then you’ve connected to part of a Wide Area Network (WAN) configured into a Local Area Network (LAN). Most people know a typical WAN by the name of WIFI, even though that’s just a business...

Words: 786 - Pages: 4

Premium Essay

Sec 572 Unit 2 Assignment

...9/13/2015 SEC-572-Network Security SYED MASTAN Professor Raef Yasin DeVry University Keller Graduate School of Management LAB-2 Assignment SOHO-NETWORK SET-UP SOHO WIRELESS NETWORK: The need and ability to work from home has increased dramatically in the past few years. With lower prices on high-speed Internet and networking equipment, many people are discovering that building and maintaining a small office/home office (SOHO) network isn’t as difficult as it used to be. The wireless or “WiFi” systems operate on a standard called 802.11 and therefore equipment from any vendor will normally work with a user’s device designed to communicate over a WiFi network. The SOHO set-up Includes: • It is a small accounting firm in a building...

Words: 1155 - Pages: 5

Free Essay

Final

...Associate Program Material Appendix J Wireless Network Plan Use the following outline to create your wireless network plan. Fill in each section of the plan as required. Deployment Scenario Infrastructure Deployment Scenario Rationale An infrastructure wireless network provides a more reliable network connection for wireless clients. If we strategically placed the stationary base we can maximum reception. Infrastructure mode networks offer the advantage of scalability, centralized security management and improved reach. Hardware Components • Component Name: Access point o Rationale for using component: Receive and transmit signal that can be picked up by any node that has the ability to receive wireless signals through a wireless network interface card. o Rough cost estimate: $100 • Component Name: Switches o Rationale for using component: Give the ability to expansion of a WLAN o Rough cost estimate: $250 • Component Name: Cables o Rationale for using component: The access point is connect to wired network with cables to give wireless access o Rough cost estimate:$10 IEEE Wireless Network Type Apex Designs has identified that an 802.11n LAN will be implemented. Access Point Management Apex Designs has decided that thin access points will be used to simplify the management of the wireless LAN. These access points allow the wireless network to be managed from one central location rather than to...

Words: 503 - Pages: 3

Premium Essay

Cvcvcv

...Wireless Wide Area Networks: Trends and Issues Wireless Wide Area Networks: Trends and Issues Mobile computing devices are getting smaller and more powerful, while the amount of information is growing astronomically. As the demand for connecting these devices to content-rich networks rises, WWAN technology seems like the perfect answer. But today's wireless WANs have some limitations. This white paper discusses those limitations and how NetMotion™ overcomes them. · Specialized equipment and custom applications were needed for deployment over these proprietary wireless systems. · Often the wireless infrastructures themselves were difficult to deploy. · Only a small percentage of the working population was mobile, so corporations considered wireless data deployment a significant investment with little return. Why the resurgence of interest in wireless data networking technologies now? In the late twentieth century, a few interesting social and technological developments took place. In the late 1990's, businesses began seeing the economic benefit of having employees who work away from their campuses. These remote (and sometimes nomadic) workers needed access to everyday corporate information to do their jobs. Providing workers with remote connectivity became a growing challenge for the information staff. Handheld and pocket-sized computers became powerful enough to be useful. The convergence of Internet networking technologies made IP the de facto standard. New standards such...

Words: 3176 - Pages: 13

Free Essay

Tft2

...Page 1 June 4, 2014 ABC Company Proposed revision of Information Security Policy Anthony Ronning: Information Security Manager OBJECTIVE: Due to the recent breach of our electronic health record (EHR) systems, it is necessary that policies pertaining to access and control mechanisms of health records be reviewed and/or modified to mitigate future incidents SPECIFIC GOALS: 1.) Implement a standard based on Attribute Based Access Control (ABAC) to ensure that electronic health records (EHR) are protected from unauthorized entities 2.) Implement a standard for the use of remote access methods to information systems 3.) Implement a standard that ensures that access to electronic health records (EHR) is audited and backed up without changes or over writing INFORMATION SECURITY POLICY GOALS: * Confidentiality = data or information is not made available or disclosed to unauthorized persons or processes * Unauthorized access = the INABILITY of unauthorized persons to read, write, modify, or communicate data/information or otherwise use any system resource * Integrity = data or information has not been altered or destroyed in an unauthorized manner * Availability = data or information is made accessible and usable upon demand by authorized users * Legislative and Regulatory Requirements = policies comply with Federal and HIPAA regulatory standards * Business continuity plan integration = policy revisions fall within the business continuity...

Words: 2279 - Pages: 10