By Martin Quinn (Principal Consultant) 18 October 2013
More and more businesses are opting for BYOD(bring your own device) devices , leaning towards a more open ,convenient and work/life integrated environment, however, this greatly increases the security threat to the business, which often have no control over what is installed and/or operated on these devices.
BYOD or Home users can install whatever they like on these devices, without restrictions, without necessarily evaluating the security implications all in support of convenience or usability. Many BYOD users will click through warnings and splash screens without ever reading any details and this is well known by cyber criminals and malware promoters.
So then, is convenience the true security threat? In the past system administrators have had control over who does and doesn’t have the ability to install software and programs, draconian or not, there were checks and balances in place to ensure that software and applications had business justification and met security requirements. With the introduction of BYOD into the business environment, this control is virtually non-existent, which can create a direct conduit into the business for nefarious actors to execute malware and the like unchecked.
Mobile devices, smartphones and tablets, have far less processing power compared to their desktop/laptop cousins. This reduced processing power means they have less bandwidth for built in security measures and hence making them more susceptible to attacks.
At a recent security conference I attended, mobile device malware statistics were reported as the number one growth area that cyber criminals are focusing on (36, 669 vulnerabilities in 2012 compared with 1,105,086 in 2013) and more alarming is that 12 per cent of Android devices in Australia had been attacked by malware – making Australia the most hacked in the world.
How then do we treat this? Rather than trying to turn back the tide, organisations need to use education and policy as the tools to reduce this threat. Combine this with tools that focus on securing the data rather than the devices and the business can have a measure of security in a BYOD environment.
Technology is no longer a privilege, but an expectation. Users now demand how they will be productive (from the type of device they want to the type of OS and software they use), it’s how we perceive and manage this which will ensure that convenience and security can co-exist within the business.
Intact Security specialises in information security and can help you develop a strategy on how to best manage BYOD devices within your organisation. Call today for a no obligation consultation on 8070 0083.
Relax. Your security is Intact.
Author: Intact Security