October is National Cybersecurity Awareness month, making it an excellent time to draw attention to this critical topic. Too many organizations continue to take their cybersecurity for granted, often with disastrous results.
The foundation of any good cybersecurity policy is employee training. Even the most robust and iron-clad cybersecurity plan will fail if employees don’t understand:
- The importance of cybersecurity
- How their actions can either help or hinder efforts to safeguard your organization’s digital assets
- How to identify suspicious activities (such as irregular network traffic or phishing emails)
- Who they should report any suspicious activities to
Though most of us are typically only aware of large-scale cybersecurity attacks targeting large businesses (such as the CapitalOne hack that occurred earlier this year), small and medium-sized organizations are increasingly being targeted by cybercriminals.
The Cost of Poor Cybersecurity
According to the 2019 edition of IBM’s annual Cost of a Data Breach Study (conducted by the Ponemon Institute), the most common and most expensive breaches were the result of malicious cybersecurity attacks (as opposed to accidental breaches caused by human error or system glitches), and cost, on average, $4.45 million, with smaller organizations (those with fewer than 500 employees) suffering average losses of $2.5 million.
That sort of financial blow can cripple a small or medium-sized business, many of whom generate $50 million or less in annual revenue.
Not only can a breach cripple even a large, financially comfortable organization, but many cybersecurity incidents aren’t detected right away. According to the report, only 65% of breaches were discovered within the first year after the breach. 22% weren’t discovered until the second year, and 11% weren’t discovered until more than two years after the initial incident occurred.
Cybersecurity Awareness is More Critical Than Ever
Employee negligence is the leading cause of data breaches, accounting for 47% of all incidents. Employee actions that compromise cybersecurity are rarely malicious. In many cases, employees may not understand that their actions (such as leaving their work laptop unattended at Starbucks while they head to the counter to order another coffee, or working remotely over public Wi-Fi) endanger the company.
Organizations with BYOD (Bring Your Own Device) policies are particularly vulnerable, as the company doesn’t have direct control over the devices being used to access their internal networks.
How Can I Protect My Organization?
Cybersecurity is everyone’s responsibility, but your employees can only help safeguard your organization’s digital assets if they understand why cybersecurity is important and how their actions can either endanger or safeguard your digital assets. Awareness is the first step towards crafting a robust yet flexible cybersecurity policy to meet your organization’s needs.
Provide Employees with Regular Cybersecurity Training
Your employees may have been provided with some basic cybersecurity training as part of their onboarding, but that isn’t enough. Cybercriminals are continually changing tactics and evolving, so your cybersecurity practices need to adapt to new and changing threats.
Regular training not only helps remind employees why cybersecurity is important, but it also reinforces good habits (such as choosing strong passwords and not leaving devices unattended). These regular check-ins also ensure that any policy changes are communicated promptly and effectively and that employees have a chance to ask questions and gain a more detailed understanding.
Stress Test Your Defenses
You may also want to consider conducting regular pen (penetration) tests or running through common tabletop scenarios. A pen test involves hiring an ethical hacker to stress test your organization’s cybersecurity by attempting to break through your defenses and gain access to sensitive information. The ethical hacker takes detailed notes as they work, and flags any vulnerabilities they were able to exploit. Once the test is done, the hacker then sits down with you to share their findings.
A tabletop scenario is more like a fire drill and allows your employees to respond to a hypothetical cybersecurity incident in a zero-risk environment. This not only gives your employees the chance to test their responses but also gives you valuable insight into your current cybersecurity protocols. Once the scenario is finished, you can review your response and flag any problems or gaps you encounter so they can be rectified.
Review Your Cybersecurity Policies Frequently
There are several essential cybersecurity best practices you may already have in place (such as keeping your software up to date, using firewalls, and enforcing safe password practices), but you should be taking the time to review your cybersecurity policies at least once per year.
Lead By Example
It’s one thing to create strong cybersecurity policies and talk about why cybersecurity is essential; it’s another thing entirely to follow that advice yourself. Cybersecurity is everyone’s responsibility, from the CEO all the way down to the summer intern. Employees are more likely to follow best practices if they see their superiors doing so because it reinforces that these policies are more than just talk.
Make Sure Employees Have Someone to Turn to For Help
Even if your employees know how to recognize suspicious activities, that knowledge is useless unless there is someone to act upon it. Employees need to know who they should report suspicious activities to, and the person they are reporting to needs to have both the knowledge and the agency to investigate those suspicious activities, determine if they are credible, and react accordingly.
Consider Seeking Out Expert Advice
Effectively safeguarding your organization’s digital assets from cybercriminals can feel like a daunting task. Not everyone is a cybersecurity expert, and that’s okay. That’s why many organizations choose to outsource their cybersecurity to MSSPs (Managed Security Service Providers). A good MSSP will not only monitor your network and alert you to any suspicious activities, but they will also help you assess your unique cybersecurity needs and craft a robust yet flexible cybersecurity solution to meet those needs. They can also help you train your employees, respond effectively to a cybersecurity incident if one occurs, and investigate the incident thoroughly so that your cybersecurity policies can be improved to prevent similar incidents from occurring in the future.
Cybersecurity incidents are becoming increasingly common in the modern world, so your organization needs to have policies in place to safeguard your digital assets. While large organizations may be able to support an in-house cybersecurity team, many small and medium-sized businesses have neither the capital nor the people power to support such a resource-intensive department.
This is where Managed Security Service Providers (MSSPs) come in. MSSPs can offer your organization all of the benefits of a personal team of cybersecurity experts without the significant overhead costs associated with an in-house department.
Stay Up to Date on Cybersecurity Threats
A cybercriminal only has to breach your defenses once to gain unauthorized access to your systems. Your organization has to thwart their efforts every single time to ensure those digital assets remain secure.
Detecting and tracking credible threats, monitoring systems for suspicious activity, and ensuring your defenses are up to snuff is a full-time job. A good MSSP not only performs all of these critical tasks for you, but they do so 24/7/365 and are staffed by a team of diverse experts who can pinpoint which potential threats are credible, and have the skills and knowledge to safeguard your assets effectively.
Rapid Incident Response
If a cybersecurity incident does occur, an MSSP is poised and ready to respond effectively. Their team of experts will work to pinpoint the breach, determine how it occurred, and work with you to shore up your defenses. They can also help you assess the damage, identify vulnerabilities and gaps in your current cybersecurity defenses, and craft new policies to address those limitations.
Once the incident has been dealt with, your MSSP can also help you train your employees to prevent or mitigate future incidents, and can even run tabletop scenarios or pen tests to help your team test out their new skills and strategies in a no-stakes environment.
Extend Your Team While Minimizing Costs
A good MSSP should feel like an extension of your own team, integrating smoothly into your existing structure while bringing valuable expertise and experience to the table. By outsourcing your cybersecurity to an MSSP, you can avoid the substantial overhead costs associated with supporting an in-house team and the hassle of hiring and retaining qualified employees in the midst of a severe shortage of cybersecurity talent in the United States.
Focus on Your Business
Not everyone is a cybersecurity expert, and that is okay. Though every organization needs to have robust yet flexible policies in place to safeguard their digital assets, your role in your organization is to do what you do best: your job.
When you hire a good MSSP, you can rest assured that your organization’s cybersecurity is in good hands and focus on your business.
Manage Risk & Compliance
A good MSSP will help you safeguard your digital assets and help you ensure that your organization is compliant with all relevant legal and regulatory rules. Rules and regulations are typically convoluted and may change suddenly with little warning, so it is imperative that you have access to a team of experts who can ensure your organization remains compliant. If an incident does occur, your MSSP can help you alert the relevant legal and regulatory authorities by filing the appropriate reports.
Your MSSP can also help you effectively manage risk so that you can minimize the chances of a breach occurring in the first place.
An MSSP You Can Trust
VirtualArmour provides comprehensive and tailored cybersecurity and networking solutions for organizations of all sizes in all industries. We offer 24/7/365 monitoring, rapid response, and employee training.
For more information, please contact us.
Though many of us may only hear about big cybersecurity incidents like the Equifax breach of 2017 and the CapitalOne hack of 2019, cybersecurity incidents are becoming increasingly common in the modern world.
Many C-suite executives and other decision-makers likely shook their heads as they read about these and other serious cybersecurity incidents, thankful that that sort of thing could never happen to their organization. Unless you have a flexible and robust cybersecurity strategy in place, stay up-to-date on current threats, and have a post-breach playbook, the unfortunate reality is that your organization could experience a similar breach.
You Aren’t Up to Date on Cybersecurity Threats
You can’t adequately protect your organization and safeguard your digital assets if you don’t know what you are safeguarding your assets from. The cybercriminal landscape is continuously shifting and changing, and new threats are popping up every day.
Cybercriminals don’t work nine to five, Monday through Friday, so your cybersecurity team can’t either. Your team needs to be able to monitor threats 24/7/365.
You Aren’t Adequately Safeguarding Your Data
Not only do you need to stay up to date on all potential threats, but you and your team need to have the knowledge and skills necessary to protect your assets and thwart any would-be breaches before they occur. If you do not have an adequate cybersecurity strategy in place to safeguard your data, you are vulnerable to a breach or other cybersecurity incident.
Your Employees Need More Training
Every employee, from the CEO all the way down the ladder, is responsible for cybersecurity. Employees need to understand why cybersecurity is important, what they can do to help safeguard your organization’s digital assets (from selecting strong passwords to reporting suspicious emails), and what they need to do if a breach or other incident occurs.
Not only do employees need to be trained, but their training should be ongoing and reviewed regularly. Tabletop scenarios and pen tests can help your team keep their skills up to date and avoid getting rusty. These scenarios also give your team a chance to test out your current cybersecurity protocols and analyze the efficacy of their response in a zero-risk environment so that they can be better prepared if an incident does occur.
Poorly trained or inadequately trained employees are a security risk, and may not even know they have compromised your cybersecurity or inadvertently caused a breach until the damage is already done.
You Don’t Have an Offboarding Process
While most organizations have a formal, or even informal, onboarding process (sorting out ID badges, assigning desks, signing paperwork), many organizations lack formalized protocols for offboarding employees who are leaving the organization.
When someone leaves your organization, you need to have a formal checklist in place for removing their access to critical systems as well. This includes removing access to internal systems as well as asking them to turn over their keys, ID badge, and any company equipment they were granted the use of during their time with the company.
You Don’t Have a Post-Breach Plan
Unfortunately, too many organizations don’t have adequate post-breach protocols in place. This means that when an incident does occur, both employees and management are ill-prepared to deal with the aftermath. Being unprepared can not only prevent you from properly addressing the breach and shoring up your defenses, but it could cause you to inadvertently run afoul of regulations such as GDPR because you are unable to craft the necessary comprehensive reports.
Reacting poorly to a breach can also harm your reputation and damage the trust you have worked hard to build with clients or customers.
Your Permissions Are Too Permissive
The hacker responsible for the CapitalOne hack may have used her insider knowledge of Amazon Web Services’ systems to exploit a bug and gain unauthorized access to CapitalOne’s private servers, but once she was inside it was CapitalOne’s excessive permissions that allowed her to gain access to the data of nearly 100 million Americans.
The way CapitalOne had configured their internal permissions meant that once the hacker was inside, she encountered almost no resistance and was able to easily view and read a wide selection of private files, and export them. By implementing policies such as zero-trust architecture, you can contain a hacker and prevent them from moving freely about the system should they be able to gain access. Zero-trust architecture works like RFID keycards: you need to verify who you are each time you try to access private or sensitive areas of the system.
An MSSP Can Help
All of this may seem overwhelming. Cybersecurity is complicated, and there are a lot of things you need to consider to ensure that your organization’s digital assets remain secure. A good Managed Security Services Provider (MSSP) can help you craft tailored cybersecurity strategies to meet your needs, monitor your systems 24/7/365 for potential threats, provide ongoing support, help you train your employees, and help you mitigate damage and ensure compliance if a cybersecurity incident does occur.
It seems like almost every day brings news of another large, high-profile hack affecting millions of Americans and other users around the world. Though wide-reaching hacks affecting large companies and millions of users are more likely to make the news, the reality is that cybercriminals are increasingly targeting small and medium-sized organizations as well.
Cybercriminals are constantly evolving and changing their tactics in the hopes that they can stay ahead of cybersecurity experts. Looking back on high-profile hacks like the CapitalOne hack can give us insight into how cybercriminals operate and help us craft robust cybersecurity policies that allow us to approach cybercrime in a way that works to preemptively safeguard digital assets.
The CapitalOne hack occurred on March 22nd and 23rd of this year but was not discovered by CapitalOne until July 19th. The incident affected credit card applications as far back as 2005. The hacker, Paige Thompson, is accused of breaking into a CapitalOne server and gaining unauthorized access to 140,000 Social Security Numbers, 1 million Canadian Social Insurance Numbers, and 80,000 bank accounts. She is also accused of accessing an undisclosed number of names, addresses, credit limits, credit scores, balances, and other personal information according to CapitalOne and the US Department of Justice. In total, the breach affected approximately 100 million Americans and 6 million Canadians.
As of the writing of this article, she is still awaiting trial.
Ms. Thompson, a former software engineer for Amazon, was able to gain access to the private server by exploiting a misconfigured firewall. The server is run by Amazon Web Services (AWS).
What We Learned
Ms. Thompson was able to gain access to CapitalOne’s private AWS server by exploiting a misconfigured firewall, which she was able to trick into granting her access to critical back-end resources. The misconfigured firewall was not only vulnerable, but it had also been granted more permissions than it should have. This allowed Ms. Thompson to view a wide selection of files and read their contents. She was also allowed to export private information, thereby stealing sensitive CapitalOne customer data.
The type of vulnerability Ms. Thompson exploited is a well-known method called a Server-Side Request Forgery (SSRF) attack. In this case, the server was tricked into running commands that it should never have had permission to run in the first place.
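The defensive control that closes an SSRF hole of the kind described above is to validate every client-supplied URL before the server fetches it, resolving the hostname and refusing anything that lands on a loopback, private, or link-local address. The following is an added example written for this article, not code from CapitalOne, AWS, or VirtualArmour; the function names, the allowed ports, and the name-to-address table are assumptions, and the table is constructed so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# What a public-facing "fetch this URL for me" feature may reach (assumption).
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}

# Constructed name-to-address table so the example runs offline; a real
# deployment would pass resolve_with_system_dns instead.
CONSTRUCTED_DNS = {
    "app.example.com": ["1.2.3.4"],
    "dual.example.com": ["1.2.3.4", "10.0.0.7"],   # one public, one internal answer
    "localhost": ["127.0.0.1"],
}


def constructed_resolver(host):
    return CONSTRUCTED_DNS[host]            # KeyError for unknown hosts


def resolve_with_system_dns(host):
    """Every A/AAAA answer for the host, not just the first one."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_internal_address(ip_text):
    """True for addresses an outbound fetcher must never reach: loopback,
    RFC 1918 / ULA space, link-local (cloud instance metadata services live
    there), multicast, reserved and unspecified."""
    ip = ipaddress.ip_address(ip_text)
    # Judge IPv4-mapped IPv6 (::ffff:10.0.0.1) by the IPv4 address it wraps.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_outbound_url(url, resolve=resolve_with_system_dns):
    """Return (allowed, reason). The server fetches only when allowed is True.

    Every resolved address is checked, so a hostname that answers with one
    public and one internal address is rejected as a whole."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme %r not allowed" % parts.scheme
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL not allowed"
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        return False, "malformed port"
    if port not in ALLOWED_PORTS:
        return False, "port %d not allowed" % port
    try:
        ipaddress.ip_address(host)
        addresses = [host]                  # literal IP: nothing to resolve
    except ValueError:
        try:
            addresses = list(resolve(host))
        except (KeyError, OSError) as exc:
            return False, "cannot resolve %s: %s" % (host, exc)
    if not addresses:
        return False, "host resolved to no addresses"
    for addr in addresses:
        if is_internal_address(addr):
            return False, "%s resolves to internal address %s" % (host, addr)
    return True, "ok"


if __name__ == "__main__":
    for candidate in ("https://app.example.com/report",
                      "http://169.254.10.20/",
                      "https://dual.example.com/",
                      "http://user:pw@app.example.com/"):
        print(candidate, check_outbound_url(candidate, constructed_resolver))
```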
The CapitalOne hack taught us that even seemingly minor vulnerabilities can be exploited and that overly generous permissions pose a hazard. CapitalOne was also not aware of the breach until it was reported to them by someone who saw that Ms. Thompson had posted the private CapitalOne data on her GitHub page. If they had been monitoring their systems more closely, they might have been able to detect the breach right away instead of being made aware of it by a good Samaritan months later.
What Can You Do to Protect Your Organization
The best thing you can do to protect your organization from hacks like the CapitalOne hack or any other cybersecurity incident is to be vigilant and take a preemptive position. It is always better to safeguard against potential threats than deal with breaches and hacks after they have already occurred.
Ensure Firewalls and Other Software Are Up to Date
One of the simplest things you can do to protect your organization’s digital assets is to keep your software up to date. This includes cybersecurity specific software such as anti-virus software as well as the software your organization uses to conduct its everyday business.
When software companies detect flaws in their products, they release patches, which are small snippets of code designed to patch vulnerabilities or fix bugs. Cybercriminals look for these patches because they show them exactly where exploitable vulnerabilities exist in out-of-date software.
By keeping your software up to date, you can take advantage of these security fixes, making it more difficult for cybercriminals to gain unauthorized access to sensitive or proprietary data.
You should also review your cybersecurity protocols regularly so that they can be updated or adjusted according to your evolving needs. Regular reviews and audits also help ensure that your employees know how to spot suspicious activity, and whom they should report it to.
The CapitalOne server was granted too many permissions, which allowed Ms. Thompson to view and export large amounts of sensitive information. Should your organization experience a hack, limited permissions can help limit cybercriminal access.
By limiting permissions for both software and employees to only what these entities need to complete their jobs you make it more difficult for a cybercriminal to access sensitive or proprietary sections of your infrastructure, slowing them down and limiting the damage they can inflict. Slowing cybercriminals down helps ensure that their activities are noticed before they can cause too much damage or gain access to other systems.
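The two paragraphs above (and the earlier "Your Permissions Are Too Permissive" section) come down to one rule: grant software only the actions and resources its job needs. As an added example, not CapitalOne's, AWS's, or VirtualArmour's configuration, the following assumes the server's permissions are written as an AWS IAM policy: the first policy is the blanket "anything in S3, anywhere" grant, the second is scoped to two actions on one bucket, and a small checker flags wildcard statements and shows what each policy actually lets a compromised server do. The bucket names and the simplified evaluator are constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# Constructed policies (not any organization's real configuration).
# The first is the "anything in S3, anywhere" grant the article warns about.
BROAD_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}
  ]
}
""")

# The second grants only what the job needs: read and write objects in one
# bucket. Listing, deleting, and every other bucket stay out of reach.
SCOPED_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["s3:GetObject", "s3:PutObject"],
      "Resource": "arn:aws:s3:::example-app-uploads/*"
    }
  ]
}
""")


def _as_list(value):
    """IAM allows a string or a list in Action/Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def find_overbroad_statements(policy):
    """Return [(statement_index, [problem, ...])] for every Allow statement
    that uses a wildcard action, a wildcard resource, or an inverted
    NotAction/NotResource list (an allow-everything-except grant)."""
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        problems = []
        if any(a == "*" or a.endswith(":*") for a in _as_list(stmt.get("Action"))):
            problems.append("wildcard action")
        if any(r == "*" for r in _as_list(stmt.get("Resource"))):
            problems.append("wildcard resource")
        if "NotAction" in stmt or "NotResource" in stmt:
            problems.append("NotAction/NotResource grant")
        if problems:
            findings.append((index, problems))
    return findings


def policy_allows(policy, action, resource):
    """Simplified IAM evaluation: an explicit Deny wins, otherwise any matching
    Allow grants access. Conditions, NotAction and NotResource are not
    modelled (assumption: plain Action/Resource statements only)."""
    decision = False
    for stmt in _as_list(policy.get("Statement")):
        action_match = any(fnmatchcase(action.lower(), pat.lower())
                           for pat in _as_list(stmt.get("Action")))
        resource_match = any(fnmatchcase(resource, pat)
                             for pat in _as_list(stmt.get("Resource")))
        if not (action_match and resource_match):
            continue
        if stmt.get("Effect") == "Deny":
            return False
        if stmt.get("Effect") == "Allow":
            decision = True
    return decision


if __name__ == "__main__":
    # A bucket the job has no business touching (constructed name).
    probe = ("s3:GetObject", "arn:aws:s3:::customer-records/export.csv")
    for name, policy in (("broad", BROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, find_overbroad_statements(policy), policy_allows(policy, *probe))
```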
You can’t mount an effective defense against a cyberattack if you don’t know one is happening. By monitoring all traffic on your network, both within the network and between your network and the Internet or other external programs, you can better keep an eye out for suspicious activity.
You should also make sure that the employees responsible for monitoring your systems have the appropriate training to recognize suspicious activities and either report them or investigate them themselves.
Have an Official Offboarding Process
Ms. Thompson knew the vulnerability was there because she had worked as a software engineer for Amazon, which owned and maintained the server used by CapitalOne. Though Ms. Thompson had to hack her way into the server, too many companies don’t have proper offboarding processes in place to revoke permissions for former employees.
By making sure you have proper procedures in place to revoke access to your organization’s systems, you can help prevent disgruntled former employees from using their permissions to gain unauthorized access.
Consider an MSSP
Keeping your software up to date and limiting permissions are both critical, but will only get you so far. To stay one step ahead of cybercriminals, you need to ensure that your current cybersecurity protocols are both robust enough to safeguard your digital assets effectively and flexible enough to adapt to the ever-changing cybersecurity landscape.
Not every organization is large enough to support an in-house cybersecurity team, and that is okay. A Managed Security Services Provider (MSSP) consists of a team of cybersecurity experts, who can help you create tailor-made cybersecurity solutions to meet your organization’s unique needs, provide employee training, monitor your systems for suspicious activity, and help you limit or even avoid damage should a cybersecurity incident occur.
There are a lot of Managed Security Service Providers (MSSPs) out there, but like all industries, not every company maintains the same high standards. Finding the right MSSP to meet your organization’s unique needs can feel like a daunting task, but it doesn’t have to be. To help you choose the right MSSP for your company, here are a few things you should consider during the selection process.
Your MSSP Needs to Adapt to Your Needs, Not the Other Way Around
As an organization, you want to remain competitive. That means that you need to be able to seamlessly incorporate and utilize new, cutting-edge technology and rest assured that your MSSP can monitor and secure whatever new technology you throw at them.
Unfortunately, too many MSSPs are not only unable (or unwilling) to support new products, they often create their own in-house, one-size-fits-all version that they are only too happy to sell you, regardless of what your actual needs are. That means that you either need to switch to their product or figure out how you are going to integrate the new product properly and keep your data and systems secure on your own.
A true partner will embrace the new technology you adopt, integrating it smoothly into your existing infrastructure and using it to find modern threats so they can take a proactive approach to your cybersecurity.
To help you choose an MSSP that is willing to adapt to your needs, not expect you to adapt to theirs, you should look for companies that require minimal additional software, no additional hardware, and only simple configuration changes in order to provide you with cybersecurity monitoring. A great MSSP will not require you to purchase additional products in order to get any value out of their service and will work to integrate the cybersecurity technologies you are already using instead of insisting you change over to their in-house solutions.
Your MSSP Should be Well Rounded
A great MSSP offers a variety of services that can be tailored to meet your unique needs. A good cybersecurity strategy is a comprehensive strategy that covers all of your bases, including managed endpoint protection, firewall security, managed threat intelligence, cloud security, and identity and access management. Cybercriminals will exploit any cracks they can find in your defenses, so it is up to your MSSP to identify those cracks and help you create robust yet flexible solutions to safeguard your organization’s digital assets.
VirtualArmour is an exclusive firm that focuses on a handful of services, which ensures that we only offer services we have honed to perfection.
Your MSSP Should Value Your Time
You have a business to run, so you don’t have time to waste on long, unnecessarily convoluted onboarding processes. You need an MSSP that can prove themselves valuable as soon as they have access to your digital assets. A short, streamlined onboarding process ensures that you don’t spend weeks or even months paying for a service that you can’t actually benefit from yet.
You should choose an MSSP that values your time and wants to begin safeguarding your digital assets as soon as possible.
Your MSSP Should Be Committed to Transparency & Ongoing Assistance
Even the most advanced and robust cybersecurity solution is only useful if your employees know what role they play in the broader cybersecurity ecosystem and have the appropriate training. A good MSSP will provide you with solutions; a great MSSP will walk you through the process and provide ongoing training and support to ensure your tailored solutions are implemented effectively and can adapt as your needs change.
Your MSSP should work with you to create comprehensive strategies to suit your organization’s unique needs and educate your employees on their role in safeguarding your company’s digital assets. That training should include how to avoid falling for phishing scams, ransomware or DNS spoofing and who they should report suspicious activity to. Cybercriminals are increasingly targeting small and medium-sized businesses, and improperly trained employees are becoming their unwitting allies.
Tabletop scenarios and pen (penetration) tests are also great ways to stress test your defenses and ensure that your organization, and its employees, are prepared to deal with potential threats. A tabletop scenario is like a fire drill and allows your team to respond to a hypothetical cybersecurity threat in a no-stakes environment and then analyze your response and look for ways to improve it. A pen test involves hiring an ethical hacker to look for ways to break through your cybersecurity defenses, document any vulnerabilities they find, and let you know how they were able to exploit those vulnerabilities to gain access to proprietary data and private systems so that you can improve your defenses.
Your MSSP Needs to Stay Ahead of the Curve
You are relying on your MSSP to safeguard your digital assets from cyber threats, so it is imperative that your MSSP stay up to date on what those threats are. Your MSSP should offer managed threat intelligence, which ensures that your network is monitored 24/7/365 and alerts you to potential threats in real time. A great MSSP will also sandbox threats in real time, allowing them to validate threats in a separate, secure environment, disrupt threats at their origin, and inoculate your organization, and all of their other clients, against threats before they can cause damage or disruption.
Your MSSP should also be continually adapting and evolving to ensure they are able to secure your digital assets against new threats.
Your MSSP Should Not Require Management
Your MSSP should not require you to go through their team of specialized services professionals just to understand what is going on. Instead, a great MSSP will streamline alerts and other cybersecurity tasks that require attention and allow you and your team to focus on your business instead of putting out fires and managing your MSSP. Your MSSP should reduce the amount of time, energy, and people power your company is currently dedicating to security operations related tasks, not increase it.
As a business owner, you want to ensure that the solutions and products you invest in are providing you with real value and a solid ROI. This can only happen if you choose an MSSP that:
- Provides services that are easy to set up and use.
- Offers 24/7/365 monitoring of threats so that you can rest assured that they are keeping a watchful eye on things and crafting solutions to viable threats.
- Is willing to work with you to create tailored and flexible solutions to suit your needs, workflow, and goals.
- Offers transparency into what they are doing and how it will help improve your organization’s cybersecurity solutions and protocols.
- Provides concrete and ongoing support and training so that you and your team can help safeguard your company’s digital assets effectively.
- Will help you minimize damage, rebound quickly, and shore up your defenses should a cybersecurity incident occur.
On the surface, a Bring Your Own Device (BYOD) policy seems like a great business move. By allowing employees to use their own devices, such as laptops, smartphones, and tablets, companies can save money and increase productivity. However, securing your network in a BYOD environment poses unique challenges from both a cybersecurity and a privacy standpoint. If you don’t address these risks properly you could be leaving your company, and its data, vulnerable. This guide is designed to help your company smoothly transition to a corporate BYOD policy.
The Risks of BYOD
Increased Risk of Data Leakage
When you allow your employees to access corporate data using their own devices from anywhere, it increases the possibility that your data may be leaked. Mobile devices are the weakest link when it comes to network security because they are the most susceptible to attacks. Mobile phones and tablets require constant patch updates to close security loopholes, and even a single missed patch can leave your company, and its data, vulnerable.
Increased Exposure to Vulnerabilities
Due to the nature of BYOD, companies have minimal control over any corporate data either stored on employee devices or accessed via employee devices. If an employee forgets to install a security update, connects to a suspicious Wi-Fi network, or loses their phone, it could put your data at risk.
The Mixing of Corporate and Personal Data
Having employees use their own devices for work makes it difficult to distinguish between personal data and corporate data. If the device is lost or stolen, corporate data can be put at risk. Allowing these two types of data to mix can also pose significant privacy concerns, especially if an employee leaves the company.
Increased Chances of Malware Infection
Not everyone is as careful with their devices as they should be. If an employee unknowingly installs malware onto their device, which is connected to the rest of your company’s network, they might end up spreading the malware to other devices. Depending on the nature of the malware, your employee may unwittingly install keylogging software, which would allow unauthorized users to learn your employee’s usernames and passwords. This obviously poses a huge security risk, since unauthorized users could use that information to gain access to sensitive or private corporate data.
Increased IT Infrastructure
When a company switches to a BYOD policy, the IT department will need to rework their existing infrastructure to accommodate a variety of personal devices. Most companies end up investing a lot of time, energy, and other resources to make sure that BYOD policies are compliant with existing security and privacy policies. You need to make sure things are done correctly to avoid having to divert more time and resources to fix problems created by a poorly implemented BYOD policy.
How to Protect Your Network While Using a BYOD Policy
BYOD can complicate your cybersecurity needs, but that doesn’t mean it is a bad idea. To help ensure your network stays secure, here are some steps you should take and some policies you should consider implementing.
Conduct an IT Audit Before Enacting BYOD
Before you begin implementing a BYOD policy, you should conduct a thorough audit of your current IT infrastructure and policies. That way you can address any potential cybersecurity gaps, problems, or conflicts with your existing IT protocols before you begin. This will not only make the changeover go more smoothly, but it will also help you ensure that you aren’t inadvertently exposing sensitive information or creating a gap in your cybersecurity when you begin to change things.
Limit Access
Not everyone needs access to everything. To help keep your network secure, you should add role-based access. That means that how much access each employee is granted is tied to their role, and their access is limited to only the systems and information their job requires. You can also restrict access on a profile basis, which will limit who is allowed to access your systems remotely and allow you to restrict some applications or file sharing to within your internal office network. This will not only improve your cybersecurity but will also make it easier for you to audit and monitor your data and better contain a leak should one occur.
Require Two-Factor Authentication for Mobile Access
Both passwords and physical devices can be stolen, which is why many companies are enacting two-factor authentication processes for employees who need to access the network remotely. Two-factor authentication requires employees to use two different pieces of information to confirm their identities. Most two-factor authentication systems pair a strong password with a second factor such as a text message confirmation, a hardware element, or something else. For example, if an employee tries to log in using a two-factor authentication method from their laptop they may be prompted to first enter their password and then send themselves a “push”. The push is generated by an app, and in order to log in the employee must acknowledge the push using their mobile phone before access is granted.
Install Mobile Device Management Technology
One of the biggest problems with BYOD is that because employees use their personal devices for both work-related and personal uses, corporate data and personal data can become intertwined. Installing Mobile Device Management (MDM) technology on all devices used for work helps you, and your employees, keep personal and corporate data separate. It also allows you to remotely access and remove corporate data from employee devices while keeping employee data private. This not only provides your company with stronger control over corporate data but also helps shield you from legal problems associated with accessing employees’ private information.
Enact Network Access Controls
A lot of data leaks are the result of poorly patched software. When software companies discover vulnerabilities in their programs, they issue patches to fix them. However, patches are only useful if they are installed. Unpatched and out-of-date software is vulnerable to cybersecurity attacks because unscrupulous individuals now know exactly what vulnerabilities they can exploit to potentially gain unauthorized access. By incorporating Network Access Control (NAC), you can ensure that all devices that connect to your network are up to date on their software, including anti-virus software. Devices that are not up to date are denied network access until they are updated.
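The NAC gating described above, as an added example that is not VirtualArmour's code: a posture check that quarantines a device until its OS, anti-virus signatures, and MDM enrollment meet baseline. The baseline versions, signature-age limit, and field names are assumptions for illustration.

```python
"""Added example: NAC-style device posture evaluation (not the page's own code)."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Assumed minimum OS baselines per platform (constructed sample values).
MIN_OS_VERSION = {"ios": (16, 7), "android": (13, 0), "windows": (10, 19045)}
# Assumed limit on how old anti-virus signatures may be before access is denied.
MAX_AV_SIGNATURE_AGE = timedelta(days=7)


@dataclass
class DevicePosture:
    device_id: str
    platform: str
    os_version: tuple                      # e.g. (16, 7) for iOS 16.7
    av_signatures_updated: Optional[date]  # None means no anti-virus installed
    mdm_enrolled: bool
    checked_on: date                       # date the posture check ran


def evaluate_posture(p: DevicePosture):
    """Return ('allow' | 'quarantine', reasons).

    Any failed check sends the device to a remediation network until it is
    updated, which is the behaviour the NAC section describes."""
    reasons = []
    baseline = MIN_OS_VERSION.get(p.platform.lower())
    if baseline is None:
        reasons.append(f"unsupported platform: {p.platform}")
    elif p.os_version < baseline:               # tuple comparison, e.g. (15, 0) < (16, 7)
        reasons.append(f"OS {p.os_version} is below baseline {baseline}")
    if p.av_signatures_updated is None:
        reasons.append("no anti-virus installed")
    elif p.checked_on - p.av_signatures_updated > MAX_AV_SIGNATURE_AGE:
        reasons.append("anti-virus signatures are stale")
    if not p.mdm_enrolled:
        reasons.append("device is not enrolled in MDM")
    return ("allow" if not reasons else "quarantine"), reasons


if __name__ == "__main__":
    # Constructed sample device: outdated OS and stale anti-virus.
    dev = DevicePosture("phone-42", "android", (12, 0), date(2024, 1, 1), True, date(2024, 1, 20))
    print(evaluate_posture(dev))
```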
Protect Your Endpoints
Endpoint protection involves using security programs that scan all devices requesting access to your network. This software then identifies any devices that may be infected with malware or other viruses and denies them access. This not only protects your internal network but also helps safeguard other company technology assets and other employee devices.
Require Strong Passwords
One of the simplest things you can do to improve your company’s cybersecurity is require employees to use strong passwords. NIST (the National Institute of Standards and Technology) offers comprehensive password guidelines in section 5.1.1.1 (Memorized Secret Authenticators) of NIST Special Publication 800-63B.
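As an added example (not the page's or NIST's code), a verifier-side check applying the SP 800-63B memorized-secret rules: a minimum of 8 characters, a maximum of at least 64, no composition rules, Unicode normalization before measuring length, and rejection of blocklisted or context-specific values. The blocklist here is a constructed sample; a real deployment uses a large breached-password corpus.

```python
"""Added example: memorized-secret acceptance check in the spirit of NIST SP 800-63B."""
import unicodedata

MIN_LEN = 8      # NIST: memorized secrets SHALL be at least 8 characters
MAX_LEN = 64     # NIST: verifiers SHOULD allow at least 64 characters
# Constructed sample blocklist standing in for a breached/common-password corpus.
BLOCKLIST = {"password", "password1", "qwerty123", "letmein1", "12345678"}


def check_memorized_secret(secret: str, username: str = "", service: str = "") -> list:
    """Return the reasons to reject the secret; an empty list means it is acceptable.

    No character-class ("one digit, one symbol") rules are applied, matching the
    NIST guidance; length and blocklist checks do the work instead."""
    problems = []
    # NIST recommends NFKC normalization so visually identical strings compare equal.
    s = unicodedata.normalize("NFKC", secret)
    if len(s) < MIN_LEN:
        problems.append(f"shorter than {MIN_LEN} characters")
    if len(s) > MAX_LEN:
        problems.append(f"longer than {MAX_LEN} characters")
    # Spaces and all printable Unicode are allowed; only control characters are refused.
    if any(unicodedata.category(c).startswith("C") for c in s):
        problems.append("contains control characters")
    low = s.lower()
    if low in BLOCKLIST:
        problems.append("appears on the compromised/common password list")
    # Context-specific values (the user's own name, the service name) are rejected.
    for ctx in (username, service):
        if ctx and len(ctx) >= 3 and ctx.lower() in low:
            problems.append(f"contains context-specific value '{ctx}'")
    return problems


if __name__ == "__main__":
    print(check_memorized_secret("correct horse battery staple", username="alice"))
```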
Require Immediate Notification for Lost or Stolen Devices
In a BYOD environment, employees’ personal devices are not only connected to your network but may also have corporate data stored on them. Therefore, if an employee’s device is lost or stolen, your company should be informed immediately so that you can take proactive measures to protect your corporate data. You should have clear-cut policies in place that require employees to report lost or stolen devices, and make sure that all employees understand that this is the case.
Use Device Locator and Remote Wiping Services
Should a device be lost or stolen, you should have protocols in place for safeguarding the data stored on the device. A device locator service (such as Find My iPhone) can help you and your employees locate lost devices. However, if the device is stolen, you may need to consider wiping it so that unauthorized users cannot use the device to access corporate data. Remote wiping services can help you remove corporate data from employee devices that may have fallen into unscrupulous hands.
Create a Policy for Exiting Employees
Ending a working relationship with an employee is never pleasant, but that doesn’t mean that you don’t need to be prepared for that eventuality. You need to have clear and robust policies in place for removing corporate data and access to your network from the personal devices of exiting employees. All employees should be aware of those policies, and when an employee is exited, those policies should be enacted as soon as possible.
A BYOD policy is a great way to reduce costs and increase employee productivity, but if it isn’t implemented correctly, it can cause headaches and leave your corporate data vulnerable. Not everyone is a cybersecurity expert, and many businesses don’t have the resources to create a full-time, in-house cybersecurity team. That is where Managed Security Service Providers (MSSPs) come in. MSSPs can provide your company with protection and monitoring 24/7/365 and help you mitigate damage should a cybersecurity event occur.