FEATURE: BYOD
I
t has been estimated that mobile
devices and the traffic they create
on networks will increase by 26X
between 2010 and 2015, driven by
more powerful smartphones and tablets,
with users demanding Internet access
and access to applications wherever and
whenever they want and this trend is
likely to continue in 2016.
Enabling this is an explosive build-out of
WiFi networks by employers, 3G and 4G
networks by mobile providers, as well as
public WiFi by retailers, municipalities,
etc. The more employees can easily
access work using WiFi and mobile
networks, the more widespread these
networks will become, thereby further
enabling access.
Changing game plan
While attackers have always targeted
IT users, towards the end of 2015, the
trend shifted where the primary target
is to take advantage of user behaviours
to breach the network. This last point
is important because once the user has
been compromised or their credentials
have been lifted, the attacker then has
access to anything important that is
connected. The Internet of Things (IoT)
is further becoming an area of concern
that can be exploited by cyber-attacks
since IoT devices are being increasingly
network-enabled and not always
hardened or evaluated for vulnerabilities.
According to the Cisco Connected
World Technology Report, 7 of 10
employees admitted to knowingly
breaking IT policies on a regular
basis, and 3 of 5 believe they are not
responsible for protecting corporate
information and devices.
Results from the Cisco Connected
World—International Mobile
Security survey indicated that 26%
of respondents from the total survey
sample said they take more risks with
company-issued devices than their
personal devices. The reason, according
to those who reported being bolder
with online behaviour when using a
company-issued device, is the belief
that IT will provide support if something
goes wrong. This attitude likely includes
the belief that current threat defense
software will help to provide protection.
The important thing to understand
is that an increase in mobile devices
increases the chances of a breach, to
the point where all companies should
accept the fact that it’s probably going
to happen. There needs to be a focus
on understanding what to do when
the breach occurs and how to mitigate
against it before serious damage is
done.
BYOD challenges for organisations
in 2016
Adopting BYOD comes with a set of
challenges for the IT organization.
Many of the benefits of BYOD, such
as having the choice of any device
and anywhere, anytime access, are
somewhat antithetical to traditional IT
requirements for security and support.
With new IT initiatives like BYOD,
expanding GUEST requirements, and the
need to secure a new class of connected
devices, the IoT, the attack surface for
cyber threats has increased significantly.
Today there are 10 billion connected
devices but that number is expected
to grow exponentially – exceeding
ACCORDING TO THE CISCO CONNECTED WORLD TECHNOLOGY
REPORT, 7 OF 10 EMPLOYEES ADMITTED TO KNOWINGLY
BREAKING IT POLICIES ON A REGULAR BASIS, AND 3 OF 5
BELIEVE THEY ARE NOT RESPONSIBLE FOR PROTECTING
CORPORATE INFORMATION AND DEVICES
30
INTELLIGENTCIO
www.intelligentcio.com