There is an ongoing mobility trend taking place in the workforce. How do you advise IT managers to implement the Bring-Your-Own-Device (BYOD) policy without compromising on security?
BYOD is a double-edged sword. The millennial generation today relies on their mobile devices, for leisure or for work. It is increasingly difficult to prevent users to not use their own devices at work. For example, if a user were to use their tablet or smartphone at work, they may demand access to the WIFI network, which would invariably allow these devices to become ingrained within the network. If such devices then become infected through a user's own carelessness in installing malware, which can happen quite easily given that there are many malware and "jailbreaking" mechanisms that can render devices vulnerable, then these mobile devices may become "trojans" that lurk within the confines of an organisation's network.
Smarter defences, such as Check Point's ThreatCloud, can alleviate these problems by stopping threats at the proverbial "door", together with Check Point's Mobile Access Software Blade which can allow users to safely tap into organisational networks by secured mobile access rather than from within the network itself. In short, all mobile devices can be treated as "hostile" and are to access the network via the Mobile Access Software Blade, and the rest of the organisational defence can take over. The process is transparent to users, and everyone is happy.
Data breach seems to be topping the security headlines lately. What do you think are some common vulnerabilities that have caused organisations to fail to keep their data secure?
Data breach is increasingly menacing, given the surge in broadband availability, BYOD, end-user lapses (mere carelessness or malicious), and so on. Global mobility is also rendering new threats, such as WIFI insecurity in transit, or even physical device theft and so on.
The key here is to remember that when convenience trumps prudence, there will be no security. For example, when a user insists on using a mobile device and the organisation allows ready access without security, you can assume there will be data breaches. If a user brings his own laptop overseas, instead of a "clean slate" laptop with no data and can only tap on corporate data and not store them, the vulnerability is glaring should the laptop gets stolen or if the user has his data eavesdropped at an unsecured WIFI network in a cafe. If data is important, writing data to mobile devices such as USB drives and CD or DVD drives may also require some defensive mechanism to log and monitor these usages. Organisations have a lot at stake these days, and it is important to treat data as a prized possession for what it truly is.
Sign up for CIO Asia eNewsletters.