Dell: Rise of BYOD a ‘hackers dream’ as privacy risks rise across local enterprise
- 07 May, 2015 01:38
Privacy Awareness Week is now underway, an initiative held every year to promote awareness of privacy issues and the importance of the protection of personal information.
As technology in the workplace evolves and more companies implement BYOD strategies, technology firm Dell believes there is more impetus on businesses to ensure security across their networks don’t impact your personal devices.
In fact, a recent report from the Australian Signals Directorate claim that cyber-attacks on Australian businesses specifically rose 20 percent in 2014 and is expected to increase further, with New Zealand no doubt expected to follow the trend.
“Our mobile devices know more about us than ever before,” says Jeff Morris, General Manager End User Computing, Dell. “We can use them to track our health and fitness levels, make mobile payments and control our household thermostats.
“But the unprecedented levels of personal information stored on these devices cause huge privacy concerns for people who use them for work.
“Effective security measures is especially important for companies with a Bring-Your-Own-Device (BYOD) policy. BYOD is a popular style for work for many Australian businesses and, with an increased blurring of the lines between work and play, there are employee concerns that their privacy is at risk.
“If employees believe their personal information can be accessed or monitored by IT, they are likely to work around security policies.
“But while ensuring privacy is important, you also need to protect the enterprise information accessed from and residing on employees’ mobile devices.”
According to Morris, creating a secure enterprise workspace on personal devices can help address privacy concerns.
“The workspace separates enterprise data and applications from personal ones,” he explains. “As a result, personal data and apps can’t mix with or capture enterprise information.
“This approach protects employee privacy, since IT manages only the secure workspace. By contrast, traditional MDM solutions allow IT to control the entire device and access all the data on it.”
Delving into the issue deeper, Ian Hodge, Managing Director at Dell Software A/NZ believes the rise of social media on smartphones is, for want of a better phrase, a ‘hackers dream.’
“With many people taking security for granted, coupled with the fact that social media and mobility trends continue to grow, there are huge risks involved in respect to security and privacy issues,” Hodge adds.
“If we continue the trends of smart device, social media and mobility adoption, we could see a future where things like identity theft, ransom ware, data theft and fraud are commonplace.
“If a smart device is lost and your social identities are automatically logged in, cyber criminals can obtain a plethora of information and gain access to businesses and end-users most valuable possession – their data.”
According to Hodge, online trust needs to be bolstered by demonstrating the commerce sites are well protected irrespective how they are accessed, from both a corporate and consumer perspective.
“Hacking is a clear and present danger for organisations that store customer databases and credit card information,” he adds.
“And it’s not just a monetary issue, the impact of being hacked has wider implications. Online shopping, for example, may suffer credibility issue, as people will not be confident to share their personal and financial details.”
Growing importance of Privacy
Adding to the debate, Simon Ractliffe, General Manager and Director at Dell SecureWorks believes privacy has become “more important than ever before” as underground hacker markets continue to boom in 2015.
“Online privacy and ensuring all your online entities are secure has never been more important,” he adds.
“The underground hacker markets are booming with counterfeit documents including new identity kits, passports, utility bills, social security cards and driver’s licenses.
“These documents enable many kinds of in-person fraud, whether it is buying a high-end purchase with a duplicated credit card, applying for bank loans or attempting government fraud.”
Ractliffe believes it’s clear the underground hackers are monetising every piece of data they can steal or buy.
Additionally, they are beginning to sell the tools to enable would-be hackers to progress and commit opportunistic crimes, as well as conduct online and in-person fraud.
“Malware, infected computers, walk-through guides and even hackers-for-hire, are all available to purchase on the underground hacker market,” Ractliffe adds.
“In order to prevent this criminal activity and ensure your sensitive information stays private, it is essential organisations, as well as individuals, stay aware of the threat and implement proactive measures to ward against the loss of data.”
Consequently, Ractliffe offers the below tips to ensure individuals maintain their privacy and remain safe:
1. Avoid clicking on links or attachments within emails from untrusted sources. Even if you recognise the sender, you should confirm the sender has sent the specific email to you before clicking on any links or attachments.
2. Reconcile your banking and credit card statements on a regular basis with online banking and/or credit card activity to identify potential anomalous transactions that may indicate account takeover.
3. Make sure your anti-virus is current and can protect against the latest exploits. Also, make sure that your anti-virus vendor has signatures for detecting the latest Trojans and you have the most up-to-date anti-virus protections installed.
4. Do not use “trial versions” of anti-virus products as your source of protection. Trial versions of anti-virus products are good for testing products, but do not continue to use the trial version as your protection for your home or work PC. The danger is that the trial version does not receive any updates, so any new Trojan or virus that is introduced after the trial version was released will have total access to your PC.
5. Make sure you have your security protections in place. Software Patch management is key. It is critical that as soon as they become available you install updates for your applications and for your computer’s operating system.
6. Be cautious about installing software (especially software that is too good to be true – e.g. download accelerators, spyware removal tools), and be conscience about pop-ups from websites asking users to download/execute/or run otherwise privileged operations. Often this free software and these pop-ups have malware embedded.
7. Consider subscribing to a 3 in 1 credit monitoring service to alert you when new credit or bank accounts are applied for, credit balances go over the norm, etc.