The rise of mobile and cloud activity is dumping more on IT's security plate.
With major computer security breaches seemingly topping headlines every week, it’s clear that organizations need to recognize that a security breach is not a matter of if. It is a matter of when.
As if IT and users didn’t already have enough security threats to worry about — viruses and malware via email and the web, DDoS (Distributed Denial of Service) attacks, “phishing” emails, and major code flaws in popular programs — new ways of working also mean new, additional threats to contend with.
Here’s a quick look at three of these new and emerging tech security threats, and ways that IT can work to prevent or respond to incidents.
Mobile attacks
The growing capabilities of our mobile devices (and increased access to Wi-Fi through public wireless Internet service) are a key component of information mobility. Being computer-productive while away from the desktop PC and the office LAN is great for business. But this growing reliance on mobile devices also means more potential vulnerabilities beyond IT’s direct control:
- BYOD (user-owned devices) can be harder for IT to protect against threats like physical theft and malware and virus infection via email, web and other applications.
- Public Wi-Fi offers breach “opportunities,” ranging from rogue (imposter) hotspots that can intercept user connections, to “packet sniffing” — eavesdropping on unprotected or insufficiently protected user traffic.
What can your IT department do?
- Use Mobile Device Management (MDM) for company-owned mobile devices as well as employee-owned BYODs.
- Use tools and services to ensure employees are only connecting to authorized, non-“rogue” hotspots, going to the correct destinations (as opposed to sites pretending to be them), and using VPNs and/or other encryption for all connections and traffic.
- Help ensure all mobile devices are running security software, and using strong security settings and precautions.
Infected USB flash drives
Free USB flash drives are one of the more useful event giveaways these days. Some may be a paltry 1GB, but it’s not hard to find them in up to the 16GB range — big enough to use as portable boot drives or other enterprise file stashes.
These can be dangerous, says Tom Henderson, Principal Researcher at ExtremeLabs, Inc.
“Unvetted USB drives have dangers to users because of how USB works — which can subvert systems security,” said Henderson. “Systems attempt to discover what to do with USB drives when a user inserts them, and malware takes advantage of this process to attempt to infect the system in a process that’s more controlled by the system’s firmware than by the operating system that’s been loaded.”
According to InfoWorld’s Roger Grimes, the “BadUSB” worm firmware exploit is a prime example of this. “The malicious code is planted in the USB’s firmware, which is executed when the device is plugged into a host,” writes Grimes. “The host can’t detect the firmware code, but the firmware’s code can interact with and modify software on the host computer.”
So what can users do to allow them to safely read and repurpose flash drives?
Pragmatically, “when in doubt, don’t read from or re-use them,” says Henderson. “There are some USB drive attacks that can subvert even the strongest antivirus applications.” Instead, go directly to the source: the organization’s website. There, you should be able to download the information that you are looking for. Or, simply contact them directly for the file(s).
Insecurity in the cloud
With more of IT moving to the cloud, security needs to follow in order to chase down and close any security holes. Start by determining current industry and government requirements and recommendations for cloud-related security, and use them as your starter checklist. And IT, remember to educate your users about cloud security concerns as part of that.
Without a combined effort, strengthening IT security isn’t just difficult, it’s virtually impossible. Start the conversation on security now.