Cisco’s latest behavioural research reveals that employee behaviour is the second greatest security threat to enterprises, second only to cybercrime; a result of either employee complacency or active attempts to circumvent, what they consider to be, restrictive security policies. Ongoing user education about risks and best practice, plus user-friendly policies, is the best means of prevention.
As well as, it’s important to keep users on board by defending against external attack without compromising the quality of their experience. Centralised device management to give an overview of who and what is on the network – plus security measures across the network and its access points, which target breaches throughout the entire attack continuum – before, during and after an attack.
The problem in with cyber security risks is that they are invisible, increasingly present – and prevalent. Mobile data optimisation provider, Wandera, found 7 in 10 employee devices are transmitting sensitive data in ways susceptible to a man-in-the-middle attack. It detected such interceptions on the mobile networks of large organisations in the transport and financial services sectors.
So although the days of lock-down are gone forever, it’s clear that IT’s job emerges as more important than ever – but it’s a nuanced role as our regular contributor Guy Bunker, highlights. “The natural reaction is to worry about what these people offsite are doing with your valuable information or devices connected to your network.
Worrying about this is a headache and probably counter-intuitive. A better approach is to know where your data is and manage it properly. If your sensitive data – IP, finances, customer records, is kept on your network, you can keep it safe.” Redacting individual numbers and phrases that breach security is an intelligent and sensible approach that circumvents Big Brother type methods of blocking and returning emails, he suggests.
And intelligent means of surveillance of an organisations’ networks and devices must always be augmented by conversation with business users. Mobile security is most definitely a team effort involving the best dialogue and tools the CIO can muster.
Share your views and opinions on this via our LinkedIn Group.
Also by Helen Beckett
Helen Beckett is the Community Manager of the Business Value Exchange. She has been a writer and editor for over 20 years and takes a particular interest in the challenges facing the CIO in today’s business climate.