Week 11: Readings, In the News, and Question for Class
Readings: Microsoft’s Technet Library: How 802.11 Wireless Works, March 28, 2003. Provides a detailed overview of the elements of the IEEE 802.11 protocol architecture and associated technologies. The article provides a top down view of how the protocol works and delves into the format details of the 802.11 media access control (MAC) sublayer of the data-link layer, and further detailing the format of the Frame Control field, which contains information on whether or not WEP encryption is used. This dated article provides an overview of the workings of WEP encryption and decryption and explains the security issues and vulnerabilities of WEP and the need for WPA, but does not cover the more secure WPA2 security protocol which replaces WPA in 2004.
Wikipedia’s IEEE_802.11, provides details, history, and evolution of the IEEE 802.11 specifications for the media access control (MAC) and physical layer (PHY) for implementing wireless local area network communication in a number of frequency bands.
In the News: One in Five Employees Would Sell Work Passwords: Survey, Eduard Kovacs, SecurityWeek March 21. 2016. SailPoint conducted a market survey of 1,000 people working at large organizations in US, Europe, and Australia and found employees’ poor password security, hygiene and ethics exposing their employers to cybersecurity risks. 65% of respondents admitted to using 1 password for multiple applications, ~33% share passwords with coworkers, ~20% would sell their work passwords to a 3rd party and ~10% would sell their work passwords for less than $1,000. The respondents cited their decision to bypass IT to streamline their work, and 33% of employees indicated that they purchased SaaS applications without their IT department’s knowledge, and 25% uploaded sensitive information to cloud applications with the specific intent to share the files outside the company. 40% of respondents said they still have access to a variety of corporate accounts from their previous jobs. While many did not seem concerned with the need to help protect their employer’s data from breaches, 40% indicated they would stop doing business with a firm that suffered such a breach.
http://www.securityweek.com/one-five-employees-would-sell-work-passwords-survey
Question for Class: Why do you believe information security hygiene is so poor in so many companies?
Leave a Reply