Bring your own device might be a growing trend in the modern workplace, but only 11% of people worry about keeping work files safe on their mobile devices, points out a Kaspersky Lab survey
As the adoption of mobile phones, tablets and
laptops continues to grow at the workplace, so has the opportunity for new
cyber security risks. According to a survey conducted by IT security firm
Kaspersky Lab in conjunction with B2B International, around half of the
consumers surveyed also use their mobile devices for work. However, only one in
10 is seriously concerned about keeping work information safe should
cybercriminals gain access to their device. Kaspersky Lab also conducted
another survey to find out which cyberthreats internet users are aware of and
which they fear the most. It turns out that theft of online accounts is the
biggest concern for users. But more on it later, first a look at the BYOD
phenomenon and related security threats.
One way or another, many employees of large
and medium-sized companies use personal mobile devices for work. 36% of
respondents store work files on them, and 34% keep work-related email messages.
Sometimes, more confidential information can also be found on users’ devices,
such as passwords to corporate email accounts (18%), networks or VPNs (11%).
Such information represents a valuable prize for cybercriminals hunting for
corporate secrets, points out the Kaspersky Lab survey.
Despite these risks, a bring-your-own-device
(BYOD) business model offers many benefits to organisations, even those
enterprises that have a great deal of confidential information. For example,
easy access to corporate communications and applications alongside personal
data and activities means that employees can see and manage tasks faster and
more effectively. However, to keep the business and any proprietary data
secure, the integration of BYOD into the IT infrastructure must be implemented
responsibly by employers. Kaspersky Lab’s specialists have several
recommendations that should be borne in mind when connecting employees’
personal devices to corporate IT networks:
* BYOD integration should be regarded as a specific project; this is especially
true for large businesses. Every last detail of the integration process should
be designed beforehand; and this should ideally include an infrastructure
audit, a design stage and a pilot implementation
* To effectively protect mobile devices, it is important to use a comprehensive
solution that ensures security across the entire corporate network, not one
that focuses only on mobile devices
* Managing mobile devices in a large business requires additional skills over
and above those demanded by routine system administration. It is worth ensuring
there are appropriately qualified IT security specialists on the team.
These can provide centralised management for
all mobile devices within the corporate network, ensure that all mobile
applications are installed, removed and/or updated via dedicated corporate
portals, and regulate data access levels and employee privileges
* Most importantly, the business needs to develop robust scenarios for how to
remove personal devices from the corporate network if they are lost or stolen,
or if an employee leaves the company.
“By successfully creating and managing a BYOD
network, businesses can simplify their IT operations while providing greater
flexibility for employees. However, BYOD can potentially create security gaps
if not managed effectively,” said Kirill Slavin, general manager at Kaspersky
Lab.
Meanwhile, the other Kaspersky Lab survey finds
online account theft the most feared cyberthreat among users.
Hacking of accounts and malware designed to
steal passwords and confidential information were cited as the biggest
concerns, with approximately the same number worried about these two threats
(both 68%). Financial threats came third, with 63% concerned about possibly
losing money from an account, followed by phishing emails and websites in
fourth place.
Threats designed to steal credentials were
also among those that users are most familiar with—86% of respondents are aware
of account hacking, phishing and malware that intercepts passwords. This shows
that the best known and most worrying online threat for users is the theft of
their digital identity. One alarming result highlighted by the survey is the
fact that 28% of users are ignorant of the ransomware threat. This is at a time
when new malicious programs that encrypt files on computers and demand payment
for a decryption key are emerging more and more frequently.
“People are concerned about the safety of
their online accounts, although in reality few of them think they will be
targeted by a cyberattack. And that’s where they’re wrong! Attackers often rely
on the element of surprise, when users least expect it,” said Elena Kharchenko,
head of consumer product management at Kaspersky Lab.
Source | Financial Express | 19 October 2015
No comments:
Post a Comment