BYOD become a popular target

Security architecture assessments carried out by Dimension Data within its clients’ environments reveal strong evidence that end users are becoming more popular cybercrime targets. That’s because workers are becoming more accustomed to having real-time access to corporate data, and as a result are also becoming targets of criminals. In fact, users are becoming the attacker’s point of entry into the organisation.

October 2, 2015

Security architecture assessments carried out by Dimension Data within its clients’ environments reveal strong evidence that end users are becoming more popular cybercrime targets. That’s because workers are becoming more accustomed to having real-time access to corporate data, and as a result are also becoming targets of criminals. In fact, users are becoming the attacker’s point of entry into the organisation.

According to Frédéric Lavend’Homme, Dimension Data Luxembourg’s Security BDM, users are becoming the ‘new perimeter’. In fact, the NTT 2015 Global Threat Intelligence Report shows that seven out of ten vulnerabilities relate to the end-user in an organisation – particularly those who are accessing key systems and data – via devices which often aren’t comprehensively managed by the business.

“We’re seeing an increase in the number of end users becoming targets. That’s because there are multiple attack vectors available through which to reach them. Today, it’s not just traditional end points that organisations need to worry about. The reach of cyber threats has extended to mobile devices and social platforms.”

Frédéric Lavend’Homme says cybercriminals know that if they can reach users, they have a chance to convince them to do something that will grant them access to the users’ data or profiles or to allow them to take control of the users’ devices. “This is a concerning trend. We’re noticing some significant people, process, and policy gaps, particularly with respect to Bring Your Own Device and end user computing initiatives. Most businesses have some form of governance and control in place, but today the standard precautions are often not enough to protect organisations from the latest breed of threats.”

Frédéric Lavend’Homme also points out that incident response remains one of the most significant gaps in organisations’ defences. Today 74% of businesses don’t have a formal incident response plan. “It’s difficult to mitigate the impact if a user’s device is compromised and there’s no incident response process that will detect the breach and put into effect immediate measures to secure key data.”

He also explains that many businesses are re-examining their Bring Your Own Device strategies in a move to protect their businesses from cyberattacks targeting end users.  “However, we’re not seeing the demise of  BYOD initiatives, but rather a move towards more standardisation of devices as it simplifies end user support and ensures they’re appropriately patched, which helps mitigate threats,” he explains.
Dimension Data’s security team compiled some key policies that are simple to implement yet effective enough to address the security threats they face and which allow violations to be flagged.

  • Make policy a priority
    The aim of these policies is to govern or enforce certain behaviour in an organisation. In this case, enforce certain employee behaviour that is aligned with the overall business objectives; while at the same time instil behaviour that is sensitive to the most valuable corporate asset – information. Organisations differ vastly and policies should be created taking into consideration the nature of the organisation, their business models and the regional cultural nuances associated with their mobile workforce.
  • Incident response
    Organisations need to develop a ‘data-centric’ security approach, which includes more advanced controls and monitoring. With this approach, even if users are authorised to access certain data and systems on certain devices, businesses can make sure they’re not doing anything completely out of the ordinary, for example, suddenly transferring two Gigabytes of content from a database onto a connected mobile device. In this way, organisations can be proactive about flagging, and responding to, anomalies.
  • User awareness and education

User awareness and education goes a long way to minimising risk. It’s important for organisations to encourage employees to behave in a consistent manner, according to clearly communicated, and centrally developed and monitored, processes and procedures that cover all the devices in use.  This may still not avoid attempted attacks taking place, but they’ll certainly make an organisation safer.

Watch video

In the same category