With security experts like Dmitri Alperovitch claiming that all fortune 2000 companies have been hacked, it is understandable that many organizations are making security in IT a primary concern. One of the biggest areas that could use some tightening up is in the area of cell phone security. BYOD solutions which include mobile device management should include “client-based scans, or for “other” devices, like phones or printers, we can use a network based scan tool to look for known issues”. Rich Casselberry – Director of IT Operations, Enterasys.
According to Bit9, BYOD security may actually mean Bring Your Own Danger:
- 72 percent of all Android apps (more than 290,000) access at least one high-risk permission.
- 71 percent of respondents say that their organization allows employee-owned devices to connect to their company’s network
- 84 percent of respondents feel iOS is significantly more secure than Android.
- 96 percent of respondents that allow employee-owned device access, allow employees to access company email using their personal device.
- 26 percent of apps access private information such as email and contacts, with only 2 percent of apps being from highly trusted publishers.
With stats like the above, IT professionals tasked with security responsibilities are asking more questions on how to improve network security. Here are some additional security measures you may want to consider implementing:
- Establish a Reverse Proxy that presents your prized servers on the internet and provides a single point of access to all servers and can force authentication on just about any type of device or operating system.
- Provide VPN access. A single solution for both smartphones and laptops is ideal
- Ensure all remote connections should pass through a firewall before accessing the corporate network.
- Force strong authentication. A one time password can’t be reused if it is capture by a machine infected with a key logger. One time passwords are also simple to implement.
- A machine using a VPN to access the corporate network should be interrogated immediately after logging in to ensure that it is running antivirus software and not using tools such as BitTorrent.
- Leverage secure virtual desktop environments which are erased and recreated on exit. This is very important if your company has employees accessing the corporate network from random hardware such as an airport kiosk.
- Enforce a cache cleaner once the user logs off and closes his / her local browser
- Use NetFlow for Security in IT efforts (e.g. host reputation lookups on all Internet traffic).
More extreme network security measures can include:
- Blocking Internet access to all servers. Routine updates can be performed using temporary access just for updates.
- Install McAfee Total Protection which prompts the end user to grant/deny permission each time a new application wants to access the Internet.
Even with all the above in place, education is still one of the best defenses against some of the worst types of malware (e.g. Advanced Persistent Threats Detection). Providing routine training to employees or even a simple corporate letter can encourage patrons of the corporate network to be careful when installing new applications. The dangers of social media such as Facebook should be reviewed as well as appropriate behaviors which could reflect adversely on the company image. We need to continually enforce that security in IT has to be approached from multiple directions.