Intelligent CIO Middle East Issue 36 | Page 34

EDITOR’S QUESTION IS IT BECOMING EASIER FOR CYBERCRIMINALS TO ACCESS COMPANY DATA? ////////////////////////////////////////////////////////////////////////////////////////////////////////// Ashraf Sheet, Regional Director, Middle East and Africa at Infoblox, says companies can balance giving employees the freedom to use their devices in the workplace while ensuring the network remains secure. W e are in the age of the ‘office of the future’ – every company now battles it out to attract staff and clients by having the most fun office, with the newest gadgets and apps. This has seen countless consumer toys become ‘business critical equipment.’ But has our love for consumer technologies made this the easiest time for cybercriminals to hack businesses? In a word, yes. At Infoblox we recently conducted a Shadow IoT research report, 34 INTELLIGENTCIO entitled What is Lurking on Your Network, that found fitness trackers, smart TVs, virtual assistants and games consoles are increasingly becoming part of the office furniture. These devices open up a whole new myriad of ways cybercriminals can access company data. These devices and consumer apps often make their way on to company’s networks without following the IT department’s guidelines. This increases the potential for an attack. We have previously seen personal devices undergo numerous malware attacks, for instance in 2017 McAfee researchers identified 144 apps on the Google Play store that contained a new malware strain, Grabos. If this malware was downloaded on the company network, it could lead to a data breach disaster. One option to avoid these breaches is to block personal devices and using social media in the work place. However, the fact is, employees want to use their new gadgets and access apps in the office and companies want to entice new staff by allowing them. Rather than restrict employees it is important to educate them on what is likely a phishing scam or a malware riddled piece of software and help them become the first line of defence. Businesses can also ensure they are avoiding major data breaches by having full visibility over what devices are connected to their network. Using systems that identify all devices on the network at any given time, like an IP address management system, can provide real-time visibility of anything connected to the company network. They can also secure their network through DNS security solutions that will alert them of any new assets or devices that are joining the system so they can identify and block malicious activity quickly. Personal devices and consumer apps aren’t going to go away from the workplace. In fact, each year a new device will be on trend and people will immediately want it on their desk. These will provide a whole new host of ways that make it much easier for cybercriminals to access company data. We are essentially making it easier for them each time we buy a new toy. But, the war is not lost. With the right solutions companies can get ahead of their staff and protect networks no matter what new gadgets are suddenly connected to them. www.intelligentcio.com