• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Mobility   »   Bring your own fear to work

Bring your own fear to work

  • Posted on:October 10, 2012
  • Posted in:Mobility
  • Posted by:
    Trend Micro
0

There is a double-edged sword in the workplace that IT personnel feel they must either learn to wield or impale themselves on – BYOD (bring your own device) programs. Employee-owned mobile devices are as useful as they are potentially devastating to enterprise data security solutions, so while more businesses may deploy these intiatives, mobile devices remain a major nightmare for many management professionals.

On the one hand, there are the cost savings associated with mobile deployments. Less facility upkeep, more remote working, higher levels of productivity and more employee loyalty when they're given the freedom to set their own schedules and work at a different pace, and all at no extra cost to the company. The downfall is when endpoint security becomes an issue. Seeing as BYOD is driven by employee-owned devices, work is not the only activity these tools are used for, which could result in an increased likelihood of malicious targeting and hacking. It can be difficult to find security solutions for every kind of user, especially when every platform poses its own risks.

A mobile mess

There are trends that IT professionals should be mindful of when preparing a comprehensive data protection plan. For those working with BYOD constructs, knowing which tools are most likely to be targeted and by what kind of attacks can help a company plan ahead for the inevitable intrusion attempts likely to spawn from certain devices.

One of the newest threats on the mobile landscape is currently a sleeper, according to Hot For Security. The source stated that the bug focuses on Android phones, a likely target, seeing as it currently makes up the majority of the marketplace. The fake app installs itself on a user's mobile device and masquerades as the Android Store, though it doesn't function in any way like its icon indicates.

The entire purpose of the application is to track the device at all times, remotely connecting with a server and pinging the location every few seconds, according to CSO Online. Researchers are not yet sure what this software is intended to do, as it doesn't seem to execute any other sort of malicious attack, but the fear is that it could be paired with other spyware in the future.

CSO Online reported that a Juniper Networks review last year found Android attacks increase nearly 200 percent every year, meaning IT professionals should take a hard look at employees within the organization looking to use these tools as primary devices for work.

Focusing on the defense

Finding smarter ways to battle hackers is key for data protection. Seeing as there's no way to stop every attacker at the gates, server security should take precedence to protecting an individual user's device, as it's entirely possible that unregistered smartphones and tablets could still be trying to legitimately gain access to company information without IT professionals' knowledge.

Computerworld reported for CIO that it's better to think about the situation as company-owned versus consumer-owned. A business should take ownership of its devices the same way it does its data, instituting the same rigid practices and safeguards to secure its investments and business continuity. However, in a BYOD landscape, a company can execute less control over who tries to access its servers and when, and with limited access and authority over a privately owned device, there's no way to effectively maintain that instrument.

An online security study published by Computerworld found that nearly 60 percent of respondents were using some sort of enterprise-level mobile application to access their corporate networks, with more stating that these tools will likely expand within their organizations in the near future. Businesses need to take adequate steps to protect themselves from employees as well as third parties before implementing these solutions. Even though mobile devices are geared at improving efficiency while cutting expenses, they could result in a costly loss.

Related posts:

  1. Companies, employees will work for common ground for BYOD next year
  2. Bring Your Own Apps – Manage Risk to Reap the Rewards
  3. IDC: Mobile virtualization bolsters productivity, security
  4. Report: ‘BYOD’ is changing workplaces

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Digital Transformation is Growing but May Be Insecure for Many
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.