Tag: BYOD

10 Cybersecurity Myths

· Leave a comment ·

Myth1.png

A new infographic by Varonis, titled “10 Cyber Security Myths Putting Your Business at Risk” identifies what is the myth and what is the reality. If you are like most small business owners, you probably aren’t a digital security expert. So, having a look at this infographic may be the best way to identify weaknesses in your security protocol.

With small businesses increasingly becoming targets of cyber-attacks, it is extremely important for owners to stay abreast of the latest developments in digital security.

On the official Varonis blog, Senior Director of Inbound Marketing Rob Sobers writes, “The proliferation of high-profile hacks in the news cycle often tricks small- and medium-sized businesses into thinking that they won’t be targets of attack.”

But this may not be the case, Sobers warns. Staying in the know makes it much harder for you to fall victim to the relentless attacks by cybercriminals.

Sobers ads, “If you or your employees believe any of the myths below, you could be opening up your business to unknown risk.”

strong-passwords-myth

The number one myth listed on the new infographic? ‘A strong password is enough to keep your business safe’. Although a strong password is important — and certainly better than ‘Admin1234′ — you need to do more.

Having a two-factor authentication and data monitoring adds another level of protection. And adding this layer of protection is in many cases enough to drive the average hacker to look for easier targets.

small-businesses-hacked-myth

Another myth listed on the infographic? “Small and medium-size businesses aren’t targeted by hackers. This is obviously false because hackers are opportunists who will target anyone as long as they can benefit from it. And small businesses are not excluded from this.

The 2018 Verizon Data Breach Investigations Report has revealed 58 percent of data breach victims are small businesses, so the idea the size of your business might exclude you is definitely a myth.

Cybercriminals hack computer systems for a variety of reasons. Once they breach your security, they could use it to launch a DDoS attack, use your IP address for other nefarious purposes and more.

industries-vulnerable-hacking-myth

Much like some businesses believe they won’t be attacked because of their size, other businesses wrongly assume that they won’t be attacked because of the industry they’re in. This myth also goes hand-in-hand with the belief that some companies don’t have anything “worth” stealing. The reality is that any sensitive data, from credit card numbers to addresses and personal information, can make a business a target.

What’s more, even if the data being targeted doesn’t have resale value on the dark web, it may be imperative for the business to function. Ransomware, for example, can render data unusable unless you pay for a decryption key. This can make attacks very profitable for cybercriminals, even if the data is deemed “low value.”

anti-virus-myth

Anti-virus software is certainly an important part of keeping your organization safe — but it won’t protect you from everything. The software is just the beginning of a comprehensive cybersecurity plan. To truly protect your organization, you need a total solution that encompasses everything from employee training to insider threat detection and disaster protection.

insider-vs-outsider-threats

While outsider threats are certainly a concern and should be monitored extensively, insider threats are just as dangerous and should be watched just as closely. In fact, research suggests that insider threats can account for up to 75 percent of data breaches.

These threats can come from anyone on the inside, from disgruntled employees looking for professional revenge to content employees without proper cybersecurity training, so it’s important to have a system in place to deter and monitor insider threats.

IT-cybersecurity-responsibility

While IT has a big responsibility when it comes to implementing and reviewing policies to keep companies cyber safe, true cybersecurity preparedness falls on the shoulders of every employee, not just those within the information technology department.

For example, according to Verizon, 49 percent of malware is installed over email. If your employees aren’t trained on cybersecurity best practices, like how to spot phishing scams and avoid unsafe links, they could be opening up your company to potential threats.

public-wifi-password-myth

If your business has employees who travel often, work remotely or use shared workspaces, they may incorrectly assume that a password keeps a Wi-Fi network safe. In reality, Wi-Fi passwords primarily limit the number of users per network; other users using the same password can potentially view the sensitive data that’s being transmitted. These employees should invest in VPNs to keep their data more secure.

computer-infected-myth

A decade or so ago it may have been true that you could tell immediately if your computer was infected with a virus — tell-tale signs included pop-up ads, slow-to-load browsers and, in extreme cases, full-on system crashes.

However, today’s modern malware is much more stealthy and hard to detect. Depending on the strain your computer or network is infected with, it’s quite possible that your compromised machine will continue running smoothly, allowing the virus to do damage for some time before detection.

BYOD-security-myth

Employees often assume that their personal devices are immune to the security protocols the company’s computers are subjected to. As such, Bring Your Own Device (BYOD) policies have opened up companies to the cyber risk they may not be aware of. Employees who use their personal devices for work-related activities need to follow the same protocols put in place on all of the network’s computers.

These rules aren’t limited to cell phones and laptops. BYOD policies should cover all devices that access the internet, including wearables and any IoT devices.

cybersecurity-preparedness-myth

Cybersecurity is an ongoing battle, not a task to be checked off and forgotten about. New malware and attack methods consistently put your system and data at risk. To truly keep yourself cyber safe, you have to continuously monitor your systems, conduct internal audits, and review, test, and evaluate contingency plans.

Keeping a business cyber safe is a continuous effort and one that requires every employee’s participation. If anyone at your company has fallen victim to one of the myths above, it may be time to rethink your cybersecurity training and audit your company to assess your risk.

cybersecurity-business-myths-inforgaphic

Source: Varonis, Smallbiztrends

CYOD – Choose Your Own Device:

· 1 Comment ·

CYOD – Choose Your Own Device:

The organisation offers employees a choice of devices (which are likely to be from multiple manufacturers on multiple operating systems), with the organisation retaining ownership of the SIM/contract. The device can then be used by the employee for both business and personal use, with policies set centrally to manage usage.

CYOD is less about devices and more about people.

CYOD is a flexible policy where:

  • The business can expand the range of ‘company approved’ devices offered to the employee
  • Or alternatively the business can make a contribution to the employee’s own choice of device
  • Ultimately there is one dual purpose device for personal and business usage
  • Crucially the businesses own the SIM and contract for greater visibility, control and potentially lower costs.

CYOD - 1

Choose-Your-Own-Device (CYOD) overcomes the limitations of BYOD and builds upon its advantages

A CYOD policy allows IT managers to provide their employees with a menu of devices, all of which the organization will support. CYOD, therefore, gives employees a real choice in their preferred computing or mobile device, while still limiting the variety of devices that the IT department needs to work with.

 In this way, CYOD bridges the gap between the unregulated device choice and the IT department’s need to manage and secure the organization’s IT assets.

 CYOD standardizes security and management over a range of IT-approved devices. It can help businesses manage the deployment of multiple device options with the right configurations easily. 

CYOD-2

The CYOD phenomenon also provides a credible alternative to Bring Your Own Device (BYOD) concept.

 CYOD not only overcomes the limitations of BYOD, but it further builds upon the latter’s advantages. When organizations choose CYOD, they ensure that only the most up to date and secure versions of operating systems and apps are accessed by all employees. It is a win-win situation for employees – who get to choose a device of their preference – and the IT manager.

cyod survey

CYOD – Choose Your Own Device

DBYOD – Don’t Bring Your Own Device

BYOD – Bring Your Own Device

The key benefits of CYOD over BYOD:

  • Centralised estate management – centralised billing from a primary network provider enables a single source of billing and interrogation, greater visibility of tariff costs, personal usage and operating efficiency.
  • Reduced mobile call costs – users will benefit from reduced rates for International/roamed calls compared to standard call rates on a (BYOD) consumer tariff.
  •  Increased productivity – employees are able to select the device that they want to use which offers the user experience and functionality that suits them.
  • Clearer liability – as the company owns the SIM and associated tariff it can ensure that its usage policy and limits can be applied for personal usage and also capped for international or roaming charges. Retaining control of the SIM eliminates several grey areas around the disclosure of usage information.
  • Enterprise retains control – by owning the SIM, IT can exert much greater control over expenditure, contract negotiation, compliance, security requirements and costs.

 

BYOD Matrix

Also, by overcoming the unique set of challenges that BYOD comes with, CYOD is definitely the next step in procuring client PCs for any progressive organization.

 

Source: azzurricommunicationschooseyourowndeviceinsightciol,

BYOD

· 2 Comments ·

BYOD: Bring Your Own Device:

A phrase that has become widely adopted to refer to mobile workers bringing their own mobile devices, such as smartphones, laptops and PDAs, into the workplace for use and connectivity. Today, many consumers expect to be able to use personal smartphones and mobile devices at work, which is an IT concern. Many corporations that allow employees to use their own mobile devices at work implement a “BYOD policy” to help IT better manage these devices and ensure network security.

I think BYOD (Bring Your Own Device) is a great idea. It’s an excellent way to save money and to give employees what they want: device freedom.

The reality is that companies must find ways to decrease overhead without sacrificing product quality. They must increase profitability to attract investment money to continue to grow, to innovate and to explore. One significant way to do that is to allow employees to bring their own devices (laptops, smart phones, tablets) to work and use them.

There are both advantages and drawbacks to this kind of policy. In order for it to be feasible, employees must agree that lost or stolen devices can be remotely wiped (with software such as Computrace and Computrace Mobile).

Advantages of a BYOD policy:

  • Reduces IT hardware costs
  • Enables staff to work from anywhere
  • Increases feasibility of remote staff
  • Employees can meet their own demands for the most up-to-date device
  • Employees are more productive using devices with which they’re comfortable.

Drawbacks of a BYOD policy:

  • It’s difficult to make sure all employee devices have been registered and updated with remote-wiping software
  • Increased risk for introducing malware to the corporate network
  • Network access must be revoked when no longer applicable.

               Rather than dismiss a BYOD policy because of the drawbacks, IT can develop a policy to help mitigate the risks.

The VMware Company is in the process of launching Horizon Mobile, software that allows you to run both business and personal phones from one handset.

This means that should the phone be lost, or the employee leaves, any company data on the phone can be remotely wiped. The work phone can also be switched off leaving the personal phone still connected.

   The trend is powered not only by the growth in mobile devices, but by cloud computing, with companies able to buy ready-to-go virtual desktops.

IT managers on BYOD:

  • 52% accept some form of network access
  • 64% believe it is too risky to allow personal devices to be integrated
  • 49% believe the future of their organisation requires integration
  • 50% believe it can increase productivity
  • 82% have a policy in place regarding the use of personal devices at work.