Monthly Archives: September 2016

Businesses can take advantage of BYOD

The corporate workforce is changing: Employees used to stay chained to their cubicles, plugging away on company-issued PCs. Today, remote workers perform the same tasks on their own high-tech tablet or laptop while soaking up the atmosphere at their local coffee shop.

 

Employees are increasingly using their own devices as the mobile workforce grows in importance. A Computing Technology Industry Association study found that 84 percent of professionals surveyed use their smartphones for work, but only 22 percent of their companies had a formal mobility policy. The upshot of this mobile shift is that corporate networks will be increasingly vulnerable, unless these devices are reined in with a BYOD enterprise program.

If your company lacks a mobility policy, consider incorporating the following five elements into your BYOD program to save time and money.

 

1. Include clear, written rules

Eliminating risky end user behavior through clear BYOD policies saves IT expenses right off the bat. Some of the most salient points to cover in writing include:

  • Prohibited devices, such as jailbroken phones
  • Blacklisted applications
  • Procedures for lost or stolen devices, including the possibility of wiping out all data on a device
  • Privacy disclosures, such as what personal information the enterprise has access to on a device

Some of these issues, like whether the company can legally wipe out data on a device they do not own, should be cleared with your human resources and legal departments to minimize the risk of lawsuits.

 

2. Make sure it’s formally presented

It is not enough to have employees sign off that they have read the policies – formal classroom or online training is recommended to ensure comprehension and compliance – especially for less tech-savvy workers who might not understand that seemingly innocent actions can expose the company to risks.

 

3. Ensure that it’s scalable and flexible

Make sure your security software can be painlessly installed on new devices. Cloud-based services do this particularly well and are typically available on a per-user subscription model, which saves money by protecting only what is needed at any given time.

Also, consider exceptions to rules, such as allowing peer-to-peer networking programs for certain users who might benefit from these tools. Otherwise, employees may risk bypassing your security protocols in order to use forbidden applications.

 

4. Secure against the greatest number of threats possible

Risky behavior such as opening email attachments from strangers or visiting dubious sites on BYOD devices should be addressed in the written policies and further safeguarded via antivirus software.

There are other exploits to be aware of, which might not be as obvious, such as fake antivirus scanners that users might innocently install, and social engineering (or phishing) threats. A good endpoint protection program will keep employees up-to-date on these lesser-known attack vectors and continually inform them on how to best protect their devices. This does not require much expense but does involve staying abreast of threats and implementing a solid communication plan.

You Should Rethink Your Endpoint Security

For those reluctant to say goodbye to signature-based malware protection, read on for the first of a four-part series that delves into why small and medium-sized businesses should rethink their current solutions and explore cloud-based strategies for endpoint protection.

 

We are gathered here today, with not-quite heavy hearts, to say farewell to a constant companion. Our “friend” was part of our daily lives, popping up at the oddest times, seemingly just to say “hi,” or – as in any other high-maintenance relationship – demand we drop everything to give it some attention right now.

Imperfect, needy and often intrusive, we nonetheless tolerated its presence as a necessity in this cruel, crazy world full of bad guys – until something radical came along that made our “friend” a casualty in the unceasing conflict that can be called “The Malware Wars.”

The radical new element in the fray? The cloud. So, join us in saying, “Rest in peace, signature-based antivirus program,” and, “Hello, cloud-based endpoint security strategies.”

 

The changing world of web threats

Signature-based antivirus protection arguably peaked in the late 1990s and has been playing catch-up with the blackhats ever since. File injection and other basic virus types were mostly supplanted by Trojans, worms, backdoors and other stealthier nasties, which the big antivirus companies responded to slowly, as these threats did not fit their model of a virus.

Demonstrating how ineffective some solutions are to this day, the notorious 12-year-old Back Orifice 2000 Trojan is still infecting machines, and one out of three web malware encountered in 4Q 2011 were zero day threats, which are completely undetectable by signature-based schemes.

Hackers are also increasingly using social media scams and phishing, with even LinkedIn notifications becoming fair game for delivering exploits. It is clearly a more complicated world in the security space, and only getting worse.

 

New devices, greater risks

Apart from this ever-present development of increasingly sophisticated malware, endpoint security strategies must take into consideration the proliferation of mobile devices used to access workplace email accounts, enterprise Wi-Fi connections and even corporate VPN tunnels. From a security viewpoint, this is a nightmare, especially because mobile devices are fast becoming the number one target for hackers, with both the iPhone and Android devices being compromised in greater numbers.

The benefits and risks of managing remote workers

Visions of kicking back and working from the beach with a piña colada in one hand and an iPad in the other are no longer just flights of fancy for many workers. Businesses are finding that it really is possible for employees to work remotely on their own devices without losing any productivity.

 

As a result, many companies are measuring the benefits of employees working remotely against the logistical issues inherent in developing a mobile device management plan.

There are many tangible benefits of BYOD (Bring Your Own Device), including:

  • Reduced equipment costs
  • Increased employee satisfaction and efficiency
  • Decreased IT staff burden (since employees maintain their own equipment)
  • Reduced office space square footage (as workers are mostly off-site)

The risk in BYOD is that these devices can potentially expose security vulnerabilities not directly supervised by IT staff or addressed by corporate antivirus solutions. This is where the need for mobile device management comes in.

 

A new landscape of threats

Tablets and smartphones are arguably less secure than desktop PCs and laptops because they lack pre-installed malware protection. Most computers include at least a trial version of an antivirus suite, but for the newest mobile gadgets, individual users and IT managers are on their own to search for and install mobile endpoint security management.

This vulnerability has not escaped the attention of hackers, who unleash creative new threats like SMS text messaged-based attacks on a daily basis. The old-school virus, while still annoying, does not hold a candle to the damage caused by these new approaches in cybercrime, which include more sophisticated Trojans, keyloggers, phishing attacks and malicious apps than ever before.

 

Maintaining security while not breaking the bank

Enforcing a ban on these devices is a near impossibility, but there are options for businesses on a tight budget to maintain security:

  1. The first cost-effective step is to immediately establish protocols regarding these devices in the workplace, including guidelines for acceptable use, forbidden applications and how to avoid dangerous activities, such as browsing certain questionable sites while connected to the company’s Wi-Fi.
  2. Next, evaluate your current solutions to see if they can be modified to protect BYOD devices through password enforcement, remote wiping or other protective measures.
  3. If the quantity of devices or sensitivity of data requires a more robust solution, explore whether the use of Mobile Device Management (MDM) software makes sense. MDM provides a centralized platform to manage all BYOD devices and is recommended if IT personnel are spending an inordinate amount of time securing tablets and smartphones – or if the sheer variety of devices and new threats tests their expertise.