I was reading a story by Ian Paul on PCWorld on the Android
Trojan NotCompatible. You can read it here.
There is one reason this Trojan was written, to exploit BYOD (Bring Your Own
Device). As Ian states, ”…it is not a threat if you use common sense..”. Every
IT security expert can now sleep easy knowing their end users always behave
this way, oh wait…they don’t.
Why did I bring up BYOD? BYOD is a hot trend that solves a
lot of issues for IT directors and end users, and creates a lot of additional
issues for companies that embrace BYOD without addressing the security requirements.
What are the base level security measures needed for networked equipment? The devices
need to be checked for viruses, malicious code, software exploits, and user
rights.
This is hard enough to do if you have control of every
device on your network, patch all the operating systems, keep the virus definitions
up to date, keep all the other software patched (Adobe Acrobat, Office, Flash, Java,
Etc.), control the users access to data and potential sites with malicious
code, and stopping the end user from being the security hole by writing down
passwords or sharing them.
Once you start allowing your end users to connect their
personal devices to your business network, you have lost most of that ability.
Without implementing proper security to handle these “un-managed” devices, you
may lose control of your network and vital customer and business data.
Is BYOD bad? No, it is inevitable. So just like security
measures had to be taken to make Wireless networks secure, measures need to be
taken to make you employee’s devices safe to connect to your network. Don’t
shortcut the process, horse and then cart. Security and then BYOD.
No comments:
Post a Comment