To some extent, the culture of BYOD has developed as a direct result of companies saving money by not purchasing dedicated corporate devices for their staff. More frequently it has often been surreptitiously brought into an organisation with execs buying the latest 'gadget' and then requesting corporate email on it, opening the flood-gates for BYOD use – and without a second thought for information security. Employees are happy to use their own devices because they are familiar with them – after all, they chose them themselves, and it is a continuation of the blurring of lines between work and home life. However, once that device holds company data, it needs to be covered by the company’s security policy. What… you don’t have policies relating to BYOD? Don’t worry, you are not alone…
Of tablets sold worldwide, only 25 per cent have been purchased for company use, whereas two thirds of people with personal tablets will use them for work at some point (source: Canalys). It's predicted that 100 million tablets will have been sold by the end of 2012 (source: ABI Research), meaning that nearly 50 million personal tablets will need to be incorporated into company BYOD security policies – and this doesn’t include smartphones, laptops and netbooks.
Essentially, people use their own devices to suit their needs and ultimately to be more productive, which is commendable. Many organisations have policies in place regarding use of laptops, but the proliferation of smart devices at work means that another level of protection must be added. Here are some questions your organisation should consider to ensure you reap the benefits of BYOD:
If alarm bells start ringing with any of these questions, it may be time to reconsider your BYOD policies and those around information security.
Guy Bunker
To hear more about BYOD, including comment from Clearswift's Guy Bunker, have a listen to InfoSecurity’s dedicated webinar.
The recent discovery of an Android SMS spam botnet by Cloudmark, which is detected by Symantec as Android.Pikspam, has gained media attent
Post from: Trendlabs Security Intelligence Blog - by Trend Micro
Unsophisticated Wiper Malware Makes Headlines
Fake applications offered by phishing sites continue to appear. In December 2012, a fake app was seen that was titled, “Facebook 2013 demo”. Social networking users in India were most likely targeted in this phishing attack because the phishing URL consisted of certain words in Hindi. The phishing site was hosted on a free Web-hosting site.
Not so long ago, aspiring bot-herders, who wanted to get started with a botnet of their own, would have to hang out in the right circles or learn how to make one themselves. If they hung out in the right circles they would be provided with guidance and documentation to get started. If they were creative enough and had enough time and skill they could create their own from scratch.