Privacy and Data Protection in Wireless Networks.

Privacy: Is the state in which one is not observed or disturbed by others. The protection of one’s personal sphere and being able to control who knows what about them. Whereby, the personal information is not accessed just by anyone.

Data Protection: Is an act of safeguarding sensitive if not all information from data loss, and corruption. The goal is to protect and ensure its availability and compliance with regulatory requirements.

➢ Wireless security creates a layer of defense by combining encryption, authentication, access control, device security, and intrusion detection to defend against illegal access and ensure network security. The process begins with the wireless network’s encryption methods, such as WPA2 or WPA3, being activated to scramble data transfers.

- Users or devices wanting to connect to the network would be prompted to verify their identities to confirm the legitimacy of the connection request, usually via a password. Access control rules then specify the users or devices permitted to access the network and the level of access based on user roles, device kinds, and explicit access rights.

- Privacy and Data Protection in Wireless Networks is key in today's technological world due to the ever-increasing reliance and advancement in wireless communication and technology in general; personal, business, and government information is conveyed over networks.

Steps 1:

Before proceeding to the technical ways of safeguarding our data and ensuring privacy over networks, users should:

1. Ensure they use passwords, and encrypt documents. The passwords should not be weak and obvious, e.g., (date of birth, names, or reversed numbering) but to ensure we use strong passwords, it’s vital to include a mix of character, numeric, and special characters.

- This will ensure the safety of data in case of gadget loss or lending to someone who may try Brute Force Attacks; this is the use of different combination usernames, and passwords to gain unauthorized access. There’s a helpful way of storing passwords to avoid writing them down on paper, if someone has difficulty remembering passwords for all their online accounts, then save them in a centralized password manager program.

2. Avoid connecting to any network around us. Mostly, as humans, we want to save on cost. So, the availability of public Wi-Fi in town, hotels, or even at school can be a well-laid platform for attackers and hackers to infiltrate our data and violate our privacy. In such places, there is increased potential for vulnerabilities and the potential for significant impact if successful.

Attacks like:

• Man-in-the-middle (MitM) – Where hackers insert themselves into a communication channel between two parties, intercepting and potentially altering data.

• Distributed Denial of Service (DDoS) – Here there’s overwhelming of the network resources e.g., UDP flood, and HTTP flood, with malicious traffic thus making them unable to perform well and making it inaccessible to legitimate users.

• SQL Injection – Is the exploiting vulnerabilities in web applications to execute malicious SQL commands that exfiltrate or steal data from databases, including usernames, passwords, and financial information.

• Cross-Site Scripting (XSS) – This involves injection of malicious code into a web page, allowing attackers to execute arbitrary scripts. This kind of attack can be used to steal user data, hijack sessions, or distribute malware.

3. As users we can also ensure that we have updated devices and also consider the brands of gadgets we opt to purchase. For example, Samsung, and Apple gadgets have better security updates/patches even up to 5 years, whereas most brands don’t offer. A part from that, if you have a very old device most probably it will not be able to get any more security updates so better is to upgrade to something new and latest that has better hardware and software that is up-to-date.

4. Also, users can avoid, and block websites that might endanger the privacy and safety of their data. It’s even better since most of these browsing platforms e.g., google warn when one is about to access a site that is not safe and may have malicious activities. This also involves malware (trojan) that parades as legitimate software and once downloaded and executed, the trojan installs itself onto the victim’s devices and this creates a backdoor allowing the attacker to gain remote access to the infected system.

5. In addition, users can use firewalls that provide additional layer of protection against viruses, malware, and hackers and VPN (Virtual Private Network) that creates a secure tunnel between device and the server, and an encrypted connection (masking the IP address and making it look like one is browsing from a different location) between the user's device and the internet. This ensures that user's online activities are hidden from prying eyes, making it more difficult for hackers or other malicious actors to intercept the data.

6. Lastly, users should educate themselves on the best privacy and data protection practices on wireless networks. This will equip them with the latest and most improved tricks and tips on how to secure their data while on the network. 

Other steps:

- Wireless networks should embrace the wireless encryption methods that are secure like WPA2 with AES. This is a standard by the Institute of Electric and Electronic Engineering IEEE 802.11i and WPA2 using Advanced Encryption Standards (AES). AES is currently considered the strongest encryption protocol, whereas WPA2 doesn’t use TKIP (Temporary Key Integrity Protocol).

- Network administrator to configure a RADIUS server connection on a Cisco 3500 series WLC, which requires a shared secret password used to encrypt the messages between the WLC and the RADIUS server.

- Wireless networks should also use WLAN security protocol WPA3-Personal to avoid attacks where it strengthens the key exchange between clients and APs using a method known as Simultaneous Authentication of Equals SAE.

- Use Privacy Enhancing technologies (PETs) like anonymity techniques where identity of user and device are hidden. This can be by use of pseudonyms or anonymizing network traffic. Also, by location privacy, protecting the geographic location information of devices. This is significant in applications such as mobile networks and location-based services.

- Ensure data privacy to prevent data from being collected and transmitted via the sensor nodes Wireless Sensor Networks (WSNs). This can be achieved by, encryption, data aggregation, and secure routing protocols. System privacy is also to be considered so as to hide information about the location of sensor nodes and the network topology.

➢ The issue of security and privacy in wireless communication is crucial and there is a constant need to be well-informed due to emerging vulnerabilities.