Thursday, June 21, 2012
Tuesday, June 19, 2012
Hacker claims breach of 79 banks, releases customer data
A hacker claiming to have broken into networks of dozens of banks and stolen customer data, has released as proof a file that contains names, addresses, e-mail addresses, and phone numbers in plain text, but no credit card numbers. Read More
Thursday, June 7, 2012
BYOD: Developing a Security Policy
Who hasn’t heard of BYOD or bring your own device? It’s happening right now in your organization as we speak. Chances are you may even be reading this on one. According to a recent poll completed by Harris Interactive, more than 80% of employees use personally owned electronic devices for work related functions. Smartphones, notebooks, iPads, e-readers, gaming consoles and more—the list of personal devices gaining access to employer networks seems to be growing every day in what has come to be a new phenomenon in the way employees are connecting to enterprise networks.
While BYOD is not necessarily a bad thing—staff can stay in touch with up-to-the-minute, real-time data, regardless of where they happen to be—it can pose a serious security risk for companies who don’t have a BYOD policy in place.
The risks you ask? The possibilities are endless when an unsecured device can gain access into the core intellectual property of an organization.
- Users browsing malicious sites
- Clicking malicious links in email and SMS messages
- Installing questionable firmware updates
- Making assumptions about the security and privacy of applications and public Wi-Fi connections
- Forgotten or stolen devices without simple levels of security in place like password protection
- Confidential company data lying around on unsecured devices
These are just a few of the possibilities when you do not have a BYOD security policy in place. Unless organizations can control the highly mobile platforms their users are allowed to bring into the enterprise, security will inevitably become a problem.
Now you are aware, what do do about it? Below are a few simple ideas to think about when getting started:
- Establish what devices are permitted
- Specify to employees who are interested in BYOD which devices you will support and which ones you will not.
- Establish a stringent password policy on all devices
- If your employees want to take part in BYOD then they will have to have a complex password in place to access their devices at all times.
- Define who own what apps and data
- The line gets a little fuzzy when combining both personal and work data onto the same device. If an employee quits or the device is stolen or lost what happens to the data? Enacting a policy providing you the right to wipe personal machines if they were used for work purposes should an employee quit or lose their device, will aid in keeping the company secure.
- Train employees on good security policies
- Empower your employees to recognize questionable websites and links, educate them to identify possible phishing attacks and show them how to take on the simplest of security measures by turning on auto-locking features, password protections and encryption of their devices.
- Make it an easy transition for your employees
- Always assume your employees will value their own convenience over company security. If your security policy is to complex or inconvenient they will find a way around it. Keep this in mind when you are establishing your BYOD security policy.
These are just a few simple and inexpensive ideas to get headed in the right direction. Contact Convergent Technologies Group and we will help you with the right solutions to keep your company protected.
Wednesday, June 6, 2012
6.5 Million LinkedIn Accounts May Be Compromised, Change Your Passwords Now
If you have a LinkedIn account, now's a good time to change your password. Up to 6.5 million user accounts and encrypted passwords have reportedly been leaked and posted to a Russian hacker site. Read More
Subscribe to:
Posts (Atom)