In the old days, securing your network primarily meant educating employees to avoid clicking on links in suspicious emails and locking up the server room when it was left unattended. In today’s more complex environment, though, with businesses of all sizes under attack from cybercriminals and points of entry that can include Smartphones, tablets, USB devices and more, it’s important to know where some of the most common threats are – and how to adequately protect against them.
You get a text from your friend, urging you to check out a new game that he found. You install the app, accept the terms and start playing. However, that fun new game could actually be disguising malware, spyware or a virus – all things that could potentially compromise your company’s network.
In some cases, users don’t even have to do anything to acquire malware. In 2010, several models of Android devices came right from the factory with malware installed; the program spread from the phones to any other removable drive that was plugged into the phone. Protecting your network from malware and other harmful programs requires robust anti-virus protection, and that extends to the device itself. Security solutions, for example, provide a means for IT professionals to easily manage devices across multiple platforms and protect them against malicious software.
Not only is it possible for cybercriminals to insert harmful codes into popular apps, applications can present problems in other ways. For example, while most apps sold by reputable retailers such as iTunes or Amazon are safe, apps sold by third-party vendors may present problems. Some vendors unknowingly host the malware, simply because they do not have the resources to verify that the application is clean. However, some vendors deliberately offer malware, in hopes of acquiring sensitive data. To protect your network, place restrictions on the apps that users can download, providing lists of approved vendors, and requiring approval of anything new or not on the list.
If there is one thing that is universally despised in the consumer electronic device market, it’s the two-year contract that many wireless carriers require in order for customers to access the latest devices at the best price. As a result, computer experts have determine methods of “jailbreaking” phones, or reconfiguring their systems so they will work on networks other than the one it was designed for. The problem that arises, though, is when a phone is jailbroken, it creates vulnerabilities in the operating system. In turn, the door is left open for malware and viruses to access sensitive company data. The solution to this dilemma is simple enough: prohibit employees from using jailbroken devices in the BYOD environment.
It’s happened to almost everyone at one time or another: their mobile device is lost or stolen. One minute you’re sitting in a coffee shop chatting with a friend, and the next, your bag – which contains your tablet that’s full of automated logins for your favorite sites, including work networks – is gone. While most people take precautions to avoiding losing their devices or becoming the victim of a thief, when the worst happens, it can put the network as a whole at risk.
The best way for companies to protect against these risks is to use a mobile device management solution that allows IT to remotely lock and/or wipe the device before criminals gain access to sensitive data or networks. In a BYOD environment, this capability is of the utmost importance – and employees need to understand the ramifications of such a policy.
It happens innocently enough – you use your portable drive at a client’s office to make a presentation and return to your own office with a brand new virus or malware on the drive, which then infects the entire network when you plug it into your computer. By some estimates, more than half of all malware comes from infected USB devices, including portable storage devices, music players, Smartphones and digital cameras. IT departments can combat this risk by restricting which devices can be plugged into network-connected machines, and by only using devices with robust virus and malware protection.
Every day, cybercriminals are looking for new techniques to access corporate networks and data – and steal valuable information. Staying one step ahead of them, and keeping the common entry points protected and secure, is the best way to avoid a costly data breach.