Connect with us

Featured

Shadow IT make you wannacry

Published

on

The opinion of shadow IT, or the installation of unauthorised apps in an organisation is divided. Some believe that it answers the need for agile solutions, while others think in increases security risks. SIMEON TASSEV, MD and QSA at Galix Networking sets the record straight.

There are mixed opinions about implementing unauthorised, IT applications (apps) within the organisation, a practice known as Shadow IT. Opinion on Shadow IT is divided into two camps. Some believe that due to the fast pace of business, demands are exceeding IT capability, Shadow IT answers the need for fast, agile solutions and encourages innovative thinking. However, others suppose that Shadow IT causes a breakdown in traditional yet necessary processes, opening up the scope for risk.

While the market has driven the need for Shadow IT to play a role, the risks cannot be overstated. There has been a significant rise in cyber-crime activity over the last few months, with malware such as the WannaCry Ransomware, and the more recent Petya and NotPetya attacks, making news headlines due to the damage caused on a global scale.

Shadow IT, Ransomware and the missing link

Many businesses lost crippling sums of money and critical data due to these attacks, with some being forced to shut down for an extended period.  In an environment where malware can be introduced on any devices, businesses cannot afford not to be fully cognisant of everything that touches their network. So, does this mean Shadow IT is the cause by being the key that unlocks the door to virulent network attacks?

Today’s average user is far more technologically savvy than ever before. The range of apps available across a range of devices means that it is fairly simple for an employee to discover one which they believe addresses a business requirement better than what their current IT department provides. Often, employees are able to better understand what they need from a technology to improve productivity. In fact, Shadow IT may help users to more effectively do their jobs and, if formally introduced, could help businesses to innovate quicker.

However, in many cases where users implement applications or systems without permission, or notifying their IT department, these apps and systems cannot be effectively monitored or controlled. Data moving across these systems is therefore equally unmonitored. The business has no control over where their data is, who has access to it, and what the safety measures are around it. Ultimately, this can be very dangerous.

What can be done?

IT departments should ensure that they conduct regular audits for unauthorised applications and systems to ensure that the business remains secure. Once completed, any discovered (and unapproved) apps need to be discarded or integrated into the existing IT ecosystem, based on their benefits. The IT department should also educate users on the risks of Shadow IT.  Making them aware of their potential to unwittingly introduce malware such as ransomware or other cyber-threats.

Hooked on Shadow IT?

Users often become dependent on the apps and systems that are introduce independently. When the IT department becomes aware of their use, it may be too late to stop use of the app without negatively impacting productivity and functionality. In fact, employees usually search for these kinds of tools in order to boost their productivity in specific areas where the individual may slack. In addition, the tool or app used may not necessarily work for the business or other co-workers and cannot be implemented on a whim.

When the IT department, or the business, is unaware of systems and apps being used for business purposes, they are unable to apply the necessary threat prevention and other security measures that will ensure the safety of not only the business, but also the user. Thus, the user assumes responsibility for any security breach that may occur through their use of an unauthorised app.

A positive spin

Conversely, Shadow IT can only be helpful for the business, however, only if it is carried out in collaboration with the IT department. Users can be empowered to identify and recommend apps and systems which may ease common business pains, which also alleviates the pressure on IT departments while fast tracking innovation. Simultaneously, IT departments retain a say in what will or won’t work with existing infrastructure and security systems.

In conclusion, although Shadow IT can definitely open up the scope for risk within the business, the IT department within the organisation can collectively work with employees to mitigate security risks. The result is a solution that answers the needs of the user and the business, while still falling within the control of the IT department, and under their security umbrella. There are, therefore, no unidentified or insecure points for malware to enter the business’s systems and the responsibility for the protection of company data still resides with the IT department. Finally, IT should become involved in the assessment of these ‘Shadow IT’ apps and systems, and perhaps it should be touted as ‘Collaborative IT’.

Featured

How we use phones to avoid human contact

A recent study by Kaspersky Lab has found that 75% of people pick up their connected device to avoid conversing with another human being.

Published

on

Connected devices are becoming essential to keeping people in contact with each other, but for many they are also a much-needed comfort blanket in a variety of social situations when they do not want to interact with others. A recent survey from Kaspersky Lab has confirmed this trend in behaviour after three-quarters of people (75%) admitted they use a device to pretend to be busy when they don’t want to talk to someone else, showing the importance of keeping connected devices protected under all circumstances. 

Imagine you’ve arrived at a bar and you’re waiting for your date. The bar is busy, and people are chatting all around you. What do you do now? Strike up a conversation with someone you don’t know? Grab your phone from your pocket or handbag until your date arrives to keep yourself busy? Why talk to humans or even make eye-contact with someone else when you can stare at your connected device instead?

The truth is, our use of devices is making it much easier to avoid small talk or even be polite to those around us, and new Kaspersky Lab research has found that 72% of people use one when they do not know what to do in a social situation. They are also the ‘go-to’ distraction for people even when they aren’t trying to look busy or avoid someone’s eye. 46% of people admit to using a device just to kill time every day and 44% use it as a daily distraction.

In addition to just being a distraction, devices are also a lifeline to those who would rather not talk directly to another person in day-to-day situations, to complete essential tasks. In fact, nearly a third (31%) of people would prefer to carry out tasks such as ordering a taxi or finding directions to where they need to go via a website and an app, because they find it an easier experience than speaking with another person.

Whether they are helping us avoid direct contact or filling a void in our daily lives, our constant reliance on devices has become a cause for panic when they become unusable. A third (34%) of people worry that they will not be able to entertain themselves if they cannot access a connected device. 12% are even concerned that they won’t be able to pretend to be busy if their device is out of action.

Dmitry Aleshin, VP for Product Marketing, Kaspersky Lab said, “The reliance on connected devices is impacting us in more ways than we could have ever expected. There is no doubt that being connected gives us the freedom to make modern life easier, but devices are also vital to help people get through different and difficult social situations. No matter what your ‘connection crutch’ is, it is essential to make sure your device is online and available when you need it most.”

To ensure your device lifeline is always there and in top health – no matter what the reason or situation – Kaspersky Security Cloud keeps your connection safe and secure:

·         I want to use my device while waiting for a friend – is it secure to access the bar’s Wi-Fi?

With Kaspersky Security Cloud, devices are protected against network threats, even if the user needs to use insecure public Wi-Fi hotspots. This is done through transferring data via an encrypted channel to ensure personal data safety, so users’ devices are protected on any connection.

·         Oh no! I’m bored but my phone’s battery is getting low – what am I going to do?

Users can track their battery level thanks to a countdown of how many minutes are left until their device shuts down in the Kaspersky Security Cloud interface. There is also a wide-range of portable power supplies available to keep device batteries charged while on-the-go.

·         I’ve lost my phone! How will I keep myself entertained now?

Should the unthinkable happen and you lose or have your phone stolen, Kaspersky Security Cloud can track and protect your device from data breaches, for complete peace of mind. Remote lock and locate features ensure your device remains secure until you are reunited.

 

Continue Reading

Featured

Five key biometric facts

Due to their uniqueness, fingerprints are being used more and more to quickly identify and ensure the security of customers. CLAUDE LANGLEY, Regional Sales Manager, for Africa at HID Global Biometrics, outlines five facts about the technology.

Published

on

How many times in a day are you expected to identify yourself? From when you arrive at work you are required to sign in, visiting your bank, receiving healthcare services… The list is endless. When a system knows who you are, you are able to do any number common, everyday activities. Your identity is unique and precious. It is also easily stolen and the target of many hackers across the globe. Technology is constantly evolving alongside the criminal element, always looking for ways to protect data and identity. One such solution happens to be biometrics and it is rapidly gaining traction in our increasingly complex modern world.

Reliable, secure and fundamentally YOU, unique biometric traits such as fingerprints are being used by banks, enterprises and consumers to verify identity. Biometric solutions offer significant identity protection because they use unique biological details to ensure an account is only accessed by the account holder, a door only opened by the owner. Here are five things that are little known about this technology…

  • The uncut identity. Your fingerprint is unique to you. Nobody can use a copy of it to impersonate you. Good technology is capable of scanning down into the layers of the fingertip to differentiate unique elements of a person’s fingerprint, this data is then encrypted and used as a key to unlocking whichever physical or virtual door that the biometric system protects.
  • The living proof. No, there is nothing to the stories of fingerprints being used without their owner’s knowledge or permission. Biometric solutions can use specific variables to determine if the finger used to access the system is that of a present, living person.  A copy or a fake cannot be used to access a cutting-edge biometric solution.
  • Easy and convenient. Queues and documents and paperwork may well be a thing of the past should biometrics take a firmer grip of government and banking systems. The process of registering is easy, and access to identity documents and records is yours alone.
  • Security blanket. A thousand passwords and a hundred post-it notes stuck on walls and drawers.  An excel file with a list of sites and applications and their corresponding passwords, all a thing of the past.  Nobody needs to remember their password with biometrics, they only need to show up.
  • Anywhere is cool. Schools, airports, networks, offices, homes, toilets, banks, libraries, governments, border controls, immigration services, call centres, hospitals and even clubs and pubs – knowing “who” matters and biometrics can quickly and conveniently confirm your identity where needed.

Continue Reading

Trending

Copyright © 2018 World Wide Worx