Posts Tagged: bring your own device

How ‘bring your own device’ policy complicates endpoint security

Stuart O'Brien

In 2020, each person had 6.58 network-connected devices on average, and the connectivity grows exponentially. Deloitte’s security experts estimate that the cost of a successful endpoint attack is over $5 million in lost productivity and remediation. 

Broadly speaking, endpoint devices are the gadgets that can access the network. Laptops, tablets, mobile phones, printers, and many more fall into this category. However, when it comes to corporate endpoints, the situation can get tricky: not only is the number of business devices greater, but servers also come into play.

“Protecting the servers is challenging as they constantly receive numerous inbound requests and have to process all of them. Given this, corporate security systems have to be far bolder, and able to protect diverse endpoints. However, when companies have been operating within the office perimeter, all the traffic was being inspected by a common security stack. With the shift to remote workplaces, companies are focusing on end-user protection,” says NordVPN Teams’ CTO Juta Gurinaviciute. 

Are BYOD and WFH compatible? 

Half of the business leaders will allow their staff to work remotely at least part of the time after the lockdown, but initially, the pandemic transition wasn’t smooth and many exposures remain up to this day. In fact, 85% of chief information security officers (CISOs) admitted having sacrificed cybersecurity in an effort to establish a remote workplace for employees.

To ensure a swift and efficient transition, some managers suggested employees use their own laptops, monitors, and smartphones to work from home. These devices can’t be remotely managed by system administrators, opening up a plethora of potential vulnerabilities.

“The majority of the enterprise endpoints, such as laptops, PCs, or servers, can be supervised remotely. Security officers and IT admins can easily log into every device, make alterations, change users’ permissions and track their activity. Their hands, however, are tied when employees’ own machines are concerned, and the resilience lies only in the user’s consciousness,” says Gurinaviciute.

In addition to remote management, IT teams can effortlessly patch the vulnerabilities in corporate machines. Individual endpoint devices can also be updated automatically, but this lacks the finesse of patching in the corporate environment.

In the corporate environment, patches are downloaded once and deployed to all relevant machines via a centralized system. That system can also fix vulnerabilities within servers, and the patching process is overseen and managed by professionals. They can, for example, run tests before putting updates into action and push them to every business device connected to the internal network.

“Among other precautions, work computers do not grant the administrator rights to the end-user. This prevents them from installing irrelevant programs and, in some cases, malware. Home devices are more susceptible as every user controls them without any limitations. If this type of device is used for work, classified information might be leaked in a data breach, caused by negligence,” comments NordVPN Teams’ expert.

Implement zero-trust

The company perimeter has been changing in recent years. It is no longer sufficient to talk about the secure connection to the office, and telecommuters have to be protected no less than the HQ office perimeter itself. 

Security professionals now implement Zero Trust Access (ZTA) to limit the employees’ access to the corporate data. There are various types of zero trust (network, transport, session, application, or data, to mention a few), but the biggest focus is on the device and user area. This shouldn’t be surprising, as cybersecurity today is mostly approached from an identity and authentication perspective.

“With ZTA, users can only reach information needed to complete the task, and for a limited time only. However, with systems being increasingly complex, information security teams have to focus on app and data levels, as it is important to monitor which applications invoke suspicious queries. With this information, security officers can identify hackers trying to leverage open ports or services for an attack,” says Gurinaviciute.

While robust software is necessary, numerous cybersecurity solutions can cause confusion. Today, endpoints are protected by 10.2 security agents on average, but they create conflicts and might leave the vulnerabilities exposed. This is also the case in an emergency, as organizations using more cybersecurity tools ranked 8% lower in their ability to detect attacks. 

“Before implementing ZTA and rethinking your data breach containment plan, make sure to cut the deadweight of unused devices and user accounts. Unpatched and forgotten mobile phones or the software that some of your employees never use can broaden the surface area for a cyberattack. Apply a minimalist approach, but resort to trusted and effective protection measures,” recommends NordVPN Teams’ CTO. 

Kevin Timms

GUEST BLOG: Improving the understanding of BYOD policies will help SMEs tackle the cyber threat in 2017

Stuart O'Brien

By Kevin Timms, COO and Co-founder of Streamwire

In the past year it seems a day hasn’t gone past where a high-profile cyber breach has not been documented in the media – and it seems that there will be no slowdown in the year ahead. Already in 2017, Lloyds Bank has suffered at the hands of a DDoS attack, preventing a number of customers accessing their online banking. Further, in February the disclosure of two separate hacks resulted in Verizon securing a $350m discount on their acquisition of Yahoo. The deal’s closing date has also been pushed back to the second quarter of 2017.

The news tends to focus on big-scale attacks against large organisations, but cybersecurity is just as much of a business issue for SMEs. It can be argued that smaller enterprises face an even greater challenge because they will likely lack the resources and experience that larger organisations have to tackle threats. A larger proportion of IT budgets is often assigned to business-as-usual IT rather than making improvements, and it is also more likely that responsibility for IT will fall on the shoulders of executives who are not IT specialists.

For cyber criminals, SMEs are often an easier target. A lack of security systems and processes means criminals find less resistance when trying to compromise systems and have a higher chance of stealing valuable data. A critical challenge for SMEs is the use of personal devices in the workplace, commonly known as bring your own device (BYOD). Such an approach for devices has been particularly useful for SMEs trying to develop more flexible ways of working, but the security implications have often not been as well considered.

A 2017 report by Tenable Network Security sets out the challenges. According to the report, UK security professionals’ confidence in accurately assessing cyber risks has fallen from 73 per cent to 59 per cent from 2016’s report, with the biggest challenges facing IT security professionals today including “low security awareness among employees” and a “lack of network visibility” due to bring your own device (BYOD) practices and shadow IT.

As the cyber security threat has increased, so has the responsibility of every employee to better understand the risks they face from hackers, and to work constructively with IT teams to make sure processes are followed.

The flexibility of BYOD can in turn lead to risks with employees downloading and using unsecured, third-party apps on personal devices that are not sanctioned by IT teams. Simple passwords and unlicensed software can also contribute to increased security threats.

Encrypting BYOD devices and guaranteeing that they are as secure as other systems in an organisation can help solve the visibility and security issues, but all employees must follow the same regulations. Additional security measures involve using a mobile management tool for tablets and smartphones, which can enforce policies such as strong passwords on the device and remotely delete any company data by resetting the device if it is lost. If BYOD is offered, then the same level of security offered through anti-virus software and other security policies needs to be maintained on personal devices. These steps serve as a starting block for many SMEs in increasing visibility of devices while ensuring that security is upheld throughout.

With constant threats lurking around the corner, organisations must be quick to understand the cyber security issues facing them, or else see systems breached. While BYOD has been a great tool for SMEs to provide innovative approaches to businesses, it is a multi-layered initiative that requires careful planning and understanding throughout an organisation. By incorporating simple steps, SMEs can increase their confidence in improving security while having the ability to tackle any potential attacks that may appear.