Keeping data safe in an ‘always-on’ world
KUALA LUMPUR: One of the greatest advantages of a mobileenabled workforce is no doubt the employee’s ability to always be connected.
Unfortunately, this also expands the risk as mobile-enabled employees are more exposed to cyber security threats worldwide.
Sanjay Rohatgi, senior vice president of Symantec Asia Pacific and Japan, highlighted this recently, and pointed out that in today’s complex and rapidly changing threat environment, information security professionals are facing increasing number of security breaches than ever before – in 2014, more than 317 million new pieces of malware created last year, and five out of six large companies were attacked .
“Another trend observed this year was the increase in security threats in small and medium-sized organisations.
“About 60 per cent of all targeted attacks struck small and medium sized organisations globally, since these organisations often have fewer resources to invest in security. Many are still not adopting basic best practices like blocking executable files and screensaver email attachments,” Sanjay said.
“As the popularity of smartphones exploded in the last five years, IT departments have learnt to deal with the trend of ‘Bring Your Own Device’.
“But today, it is no longer just about the device, but also about ‘Bring Your Own Application’ and ‘Bring Your Own Cloud’ into the workplace.
“Mobile applications and cloud services are increasingly embedded into all parts of our personal lives. Organisations are finding that their employees increasingly want to use their own apps, clouds, personal mobile devices and platforms to work (often alongside corporate-provided devices/platforms).
“And they can’t be stopped. Employers need to embrace the use of mobile devices and cloud storage tools, such as Dropbox and Google Drive, for both work and personal agendas, or risk losing their talent,” he explained.
With personal devices and cloud applications now being used to access corporate email, calendars, applications and data; many organisations are struggling with how to fully define the impact to their security posture and establish acceptable procedures and support models that balance both their employees’ needs and their security concerns, he noted.
“Companies are managing up to 75 point products, resulting in too many alerts and false positives to deal with. Most attacks go undetected because today’s security products are not integrated across all three control points: endpoint, network, email,” he added.
So, what can companies do to better protect themselves and their customers’, sensitive data from security threats? Sanjay advised, organisations should uncover advanced threats. He pointed out that the first step is to gain visibility of the present state of dormant and active live threats within your network environment and across your IT asset estate.
“Advanced attacks can cut across multiple control points making it worse for customers. What’s more, many threats go undetected for months or longer. Your IT department will need to secure user devices accessing emails and also provide additional access to content and web apps,” he said.
Sanjay also highlighted that organisations should prioritise what matters in a company. He advised that companies should assess
the situation and prioritise those that are the most critical and time-sensitive.
He also urged organisations to remediate fast. He said, “If you lose your phone or PDA that was issued by an organisation, your IT department may consider to revoke issued certificates or ask you to log into websites to change your password immediately.
“Furthermore, companies should opt for security products that can provide administrators with the visibility and ‘rich’ intelligence needed to uncover and remediate advanced attacks.”
Aside from that, Sanjay said, companies should leverage on existing investments.
He said, “Organisations don’t want to install any more point products or any new agents that potentially cause disruption to their entire enterprise.
“Solutions like Symantec Advanced Threat Protection (ATP) leverages existing threat protection infrastructure, helping companies to achieve an effective data protection regime without the expense and implementation issues from vendors.”
Overall, he said, “By adopting strategies that are flexible and scalable and taking advantage of new and upcoming security features, organisations will be better-equipped to deal with incoming — and even sometimes unforeseen — challenges to their security infrastructure.” KUALA LUMPUR: Dell has announced updates to the SonicWALL Secure Mobile Access (SMA) operating system (OS) that provide remote workers using smartphones, tablets or laptops with policy-enforced SSL VPN access to missioncritical applications, data and resources.
According to a press release, the new Dell SonicWALL SMA 11.4 gives organisations the power to easily provision secure mobile access on a global scale, regardless of data type, device used and/or remote worker location, with a new turnkey approach that ensures secure access of multiple concurrent users.
For users in highly regulated industries such as government, financial and health care, the SonicWALL SMA portfolio has new capabilities to ensure security compliance with the latest industry and government regulations.
According to the 2016 Dell Security Annual Threat Report, malware for the Android ecosystem continues to rise, putting a majority of all smartphones at risk.
Not only has Android-specific ransomware gained popularity throughout the year, but Android malware writers continue to be on the fast track to finding creative ways to evade detection and analysis.
With the number of both corporate-issued and personal devices used by employees to access corporate network assets, this alarming trend in Android malware attacks has organisations grappling with how to provide secure access to company applications, data and resources, from any device, without compromising the security of the network.
Han Chon, director, Security and Endpoint Systems Management, Dell Asia Pacific & Japan said, “With so many mobile devices being brought into the workplace by a growing remote workforce, both employer-issued and personally owned, data and applications are intermingling and putting organizations at an increased risk of a serious security breach.
“The Dell SonicWALL Secure Mobile Access (SMA) portfolio addresses the need for organizations to quickly minimize the window of exposure for remote and mobile workers before an attacker can potentially cripple the organization by gaining access to corporate data either in-flight or on the mobile device itself.
“Dell SonicWALL SMA 11.4 provides our customers with completely secure mobile access to any data type, through any device, to any authorised users as dictated by their IT administrators.”