With corporate security measures becoming increasingly more effective, often the only point of entry to a company's network for a cyber criminal is via an employee. The real target for cyber criminals today is not technology. It's the people who can unwittingly give them access to the technology. In addition, today's BYOD [bring your own device] trend and the mobility of employees and company data present a growing security challenge.
While security is generally top of the IT department's agenda, and it is the IT department's role to secure a business' systems and data, many security weaknesses are unwittingly caused by these same people who are responsible for securing a network. This was the result of research conducted by security software company Kaspersky Lab, says Danny Myburgh, MD of Cyanre, and is the result of the IT department's focus on keeping IT working, and because they are caught between the business needs of securing devices and data and the increasing demands for mobility.
"Research found that the negative impact of mobile devices on security was not only the result of the mobility of devices, but because of a number of assumptions IT departments make around the data they carry. In today's mobile business environment, securing mobile devices has become a priority, but many IT departments neglect to think about the fact that the data carried on these devices isn't contained as it would be in a centralised office environment. By working with the assumption that this is the same situation as when the data is in the data centre, IT becomes an unwitting accomplice of cyber criminals, according to Kaspersky's research," Myburgh points out.
The report quotes IDC research, which shows that desktops/laptops represent the most serious concern for data loss prevention (DLP), and that the endpoint represents a more immediate threat to data loss. "IDC data also shows that mobility is the number one factor driving new security spending, suggesting that more organisations are taking heed and beefing up security measures beyond their data centre perimeters."
Myburgh adds that the use of managed anti-malware, anti-theft and privacy technologies for mobile devices is a good start to address protecting mobile data. "Comprehensive security measures that incorporate protection, detection and response measures are equally important. Malware is still slipping through the latest prevention measures, making detection and response even more vital."
Cyanre will be participating at this year's ITWeb Security Summit, taking place from 7 to 9 May 2013 at the Sandton Convention Centre. For further information, click here.
Share