People tend to be curious so if they see a seemingly innocent USB Flash drive, they would plug it into their computers to find out who might have left it there to be able to return it. The next time you see a USB Flash drive laying around, do not bother picking it up and do not plug it into your computer because it is the easiest way to open a back door for cyber criminals gain access to your computer that might cause a business breach and a nightmare for your IT services team to clean and repair.
Sophos, a security vendor, recently tested USB drives bought at a lost and found property auction. Results showed that almost 70% of the USB drives had viruses or malwares. Recent research from the University of Illinois planted 300 flash drives around the campus and nearly half of that number were plugged into computers and looked at within almost 7 hours. The first USB that was opened was within 10 min of it being planted. Imagine how much problems that would have caused and how long it would take your IT services group to fix it. It is best to inform your staff to be wary of abandoned flash drives, not only within your offices, but also when out and about. Even the ones given away at trade shows can be a threat.
The Australian Cyber Security Centre conference recently in Canberra enforced new strict regulations on the use of USB drives. Presenters were not allowed to use them and they were not to be included in swag bags or given out at the booths. This goes to show how much of a threat stray USB drives are so it is best to enforce strict USB policies within your own organization and to confer with your IT services team on how to keep your network safe and secure.
The BYOD culture is also making it very difficult for IT services providers to keep business systems secure. IDC, a market research company, expects that markets like Singapore and Australia will notice a drop in BYOD because personally owned gadgets but will not be able to perform core business functions without the high security risks. Almost 60% of IDC surveyed companies throughout Asia Pacific declared that they have some kind of BYOD policy and majority of the devices being used are smart phones. IDC believes that companies will start to revisit corporate policies and may eventually give the employees an option to choose their device preference instead. Choose your own device “CYOD” will not eradicate BYOD entirely but there will be a hybrid CYOD/BYOD policy to make it easier for enterprise IT services teams to monitor and ensure business network security. It is best to have a strict BYOD policy within your company so that your IT services group can inspect and install security softwares on the BYOD gadgets.
It his highly likely that in cases when an executive misplaces a tablet or mobile phone, the first thought would be how to recover their lost pictures or the inconvenience of re-compiling their music library, completely forgetting about the amount of corporate information and the possible threat of the device being accessed by scrupulous people. A large number of cyber attacks today are due to compromised corporate user credentials. Educate your staff that they should inform you and your IT services team of such losses immediately. A competent IT services group should be able to install security measures to be able to trace the whereabouts of the lost gadget or to be able to do a remote wipe out of the business data contained in the mobile device.
Microsoft recently announced that availability of Azure Rights Management Advanced Threat Analytics (ATA) support for iPad and for Office so these programs are a good option for your IT services group to utilize in keeping your business network secure. ATA is created to protect enterprises from targeted cyber attacks with its innovative technology that continuously learns and assesses security threats through behavioural analytics. This program makes it easy for you and your IT services team to analyse reports because it presents the data like a social media feed does making it easy to consume the information. ARM expanded their encryption technologies to iPad and iPhone so documents created on platforms like Office 2010, Office 2013, and Office for Mac will now be accessible and they are expected to extend to all platforms by the end of this year.