THE IT SECURITY PROFESSIONAL
Barlowtek
Protected Access
One of the issues that comes to mind when deciding whether to permit BYOD (Bring-Your-Own-Device) on your network is the potential threat these devices pose. Whether it stems from how the device is set up or how it is configured, the device poses a threat to your network because the network administrators won’t directly manage it. This could lead to a compromise that is out of the hands of those responsible for securing the corporate network.
Security Concerns vs. Privacy
When addressing the idea of having BYOD on your network, the devices should be looked at not only as a threat but also in terms of the benefits they offer the company through a more responsive and effective workforce. The idea is that the end user will use the device to respond to business operations more quickly than they could without it. It is because of this access to the corporate network that security concerns should be squarely addressed by the IT Security Team, whether by installing a remote wiping application or by requiring specific security software or configuration settings. The purpose here is to help secure the corporate network while allowing access when needed.
Privacy is another concern that companies have when it comes to allowing BYOD on their networks. Where is the line that they must not cross? This should be clearly outlined in any documentation or acknowledgement given to the employee. (Legal counsel should always be consulted before having employees sign any document that may restrict their rights.)
Privacy can be broken down in two ways. In the first, the company owns the device and assigns it to the employee for business purposes; therefore, all the data and content on the device belongs to the company. The latter of the two, and the one companies most commonly find themselves dealing with, is when the employee owns the device and accesses company assets with it (email, documents, instant messaging service). Having clear delineation and documentation in place as to what is considered the employee’s information and what is the company’s can help to alleviate these potential legal concerns.
Vulnerability Management
When it comes to BYOD assets on the network, it is important to manage the vulnerabilities they could pose to your business, whether in the device’s configuration or in the applications running on it. Each of these areas will pose a risk to your network. Here are some ways to help protect your critical infrastructure:
Targeted Attacks
There are a growing number of threats that target a specific user. These threats may come in various forms, and they may be used in combination to make the attack more evasive and harder to stop. These targeted attacks can take aim at the user’s non-business-related accounts and application passwords in order to gain access to company resources or data. While most of these attacks are stopped by changing passwords on the user’s online accounts, other attacks continue for a length of time using different methods that may be invisible to the user.
Attacks on business assets or owned BYOD devices should be reported using designated reporting processes. Attackers gaining access to sensitive IP or to business resources can put the rest of the business at risk. Gaining an understanding of the breadth of the attack can determine what other areas of the company may be at risk and what steps might be taken to prevent similar attacks in the future.
Breach Notification
Even if a mobile device has not accessed corporate data, the attack should be treated as a breach. The reason is that the amount of data available on mobile phones these days can be as much as, if not more than, what is stored on a computer (not to mention the large amount of data accessible in the cloud). In addition, various services that the mobile device accessed while on the corporate network may have connected the device to information that was not downloaded but which could be accessed if so desired by an attacker.
In breach notification, documentation will help to provide a detailed picture of what happened and how it evolved over time. Sometimes this documentation takes place long after the initial compromise and may be able to link together a chain of events that would not have made sense if viewed individually. Documenting each step and action taken by support personnel will allow the investigative team to determine the full scope of the compromise and what sort of information may have been compromised. This will help in determining whether further controls need to be implemented to protect the network from a similar threat in the future.
Summary
With the growing need for employees to be connected to the business, it is important to remember that each device that accesses the corporate network can be a potential risk to the company. While this may be a reason not to allow users to use their devices on the network, as an IT Security Professional you can implement controls and processes that help to lessen the risk to your network. Whatever the business decides, it is important to remember that the overall goal is to enable the employee to be more effective in doing their work. Controls should not hinder the work that is going on, but instead should enhance the security posture that is already in place.
IT Security Pro
Securing the future one byte at a time! Mr. Barlow is here, staying ahead of the curve in Information Security Leadership. Ready to help your company stay safe and secure.