| Summary: | 碩士 === 輔仁大學 === 資訊管理學系 === 93 === When the enterprises face the trend of wireless network, how can the enterprises enjoy the convenience of wireless network and also avoid the hacker’s attack through the wireless network? The goal of this study is to investigate the implication of wireless security, to establish the framework of wireless network information security and to assist the enterprises in using the wireless information model to avoid the leak of wireless security at the beginning of wireless network establishment and avoid the critical effects of enterprises confidential information flowing outward.
This research is to investigate the problem of information security for the enterprise that build the wireless network, and find the best solution of wireless information security infrastrcture. First of all, this study surveyed the literature related to the information security, BS 7799, the policy of information security and the wireless network, and formed the foundation of this research. Second, this study constructed a theoretical model of 24 factors from dimensions of technical, organization policy and behavior of employees. Third, this study adjusted the 24 factors to 22 after interviewing with some experts. Fourth, according to the conclusion of experts’ to interview, seven enterprises which have builded the wireless network were chosen as the subjects of case study. Finally, we provided serveral propositions based on the result of case study.
According to the findings of the study, there are 10 essential items about enterprise wireless network information security. First, the wireless network and intranet shall be divided into two different domains. Second, transist data through the wireless AP should be encrypted by WEP key. Third, use the same rule of anti-virus and anti-hackers both on leased line and wireless network. Fourth, change the wireless AP’s service set identifier (SSID) at the beginning. Fifth, detect the overflow waves. Sixth, assign IT staff in charge of information security events. Seventh, keep on checking the information security on schedule. Eighth, fully support from enterprise CEO or CIO. Nineth, choose the IT person carefully, set up the wireless equipment by IT person. Ten, enhance the information security concepts, avoid the mistakes of inappropriate use. If enterprise can follow the 10 items, the degree of information security will at least stay at the middle level. Enterprise can then enjoy benefits of wireless network and secure protection of information both.
|
|---|
