Giving users the flexibility to work effectively and at the same time keeping an IT environment secure is a major challenge for administrators. But, says SIMON CAMPBELL-YOUNG of Phoenix Software, using the right security software is the first step in minimising an organisation’s security risks.
IT security has never been simple, but the challenges companies face now are more complex than ever. More than half of employees use their own mobile devices for business, and mobile malware is surging. Social technologies are now vital business tools—and a popular vector for spam and phishing. Cloud computing offers new models for growth and innovation but complicates data protection.
The challenge is always giving users the flexibility to work effectively while mitigating the risk of exposure you have by allowing that flexibility. According to Juniper Networks, 6 million+ unique malware samples were identified in the first quarter of 2011, a 26% increase from Q1 of 2010 and far exceeding any first quarter in malware history. 70 000 new malware strains are detected every day, and 54% of employees use their own mobile devices for business purposes. In addition, 34 million information workers have installed unsupported software in the past year and 63% of businesses in one recent study said employees’ use of social media puts their organisation‚s security at risk. All of this makes it imperative that any business uses the right security software as the first level of defence.
Malware and the malicious websites that distribute it through phishing and spam are still top concerns for businesses all over the world. In many cases, malware finds its way in through the applications users rely on every day: Internet browsers, Java, Adobe Flash and Acrobat Reader are among the most popular vehicles. But he believes that the most significant change is the proliferation of malware targeting mobile devices.
Smartphones and the mobile malware threat they present are the biggest risk both businesses and consumers face today. Malware targeting the Android operating system has increased by 400%, and 85% of smartphone users are not employing an anti-virus solution to scan for malware. Protecting the data users access, store and share via mobile devices requires a combination of security solutions and user policies.
I recommend these four steps to protect data on mobile devices:
1. Tightly control what can be installed on mobile devices.
2. Install anti-virus and anti-spam on every device.
3. Detect and prevent installation of known malware.
4. Protect data on lost or stolen devices:
• Enforce use of security PINs to control access.
• Encrypt sensitive or proprietary data.
‚Ä¢ Use management capabilities to ‚remote wipe‚ data.
In addition to the threat of mobile malware, social media is an additional increasing menace. Social media has evolved to become a vital part of the business toolkit. Sure, employees are checking Facebook on their lunch break, but they’re also using social tools to answer customer support calls, collaborate with colleagues and partners, and seek user input for new product innovations. This has resulted in an increase in malware attacks. That’s why it’s important to protect your network with Web content filtering, which enables you to limit user access to certain websites, either because they violate company policies or because malware has been detected.
Whether it’s addressing mobility or social media, here is a three-pronged approach for your 2012 security strategy:
1. Technology: Intensified security around mobile devices is critical as they face increasing exposure to threats.
2. Policy: Do your employees clearly know what is allowed and not allowed? Can they recognise suspicious links and content?
3. Risk assessment:
• What is critical to your business?
• How are you going to protect it?
• How will you prevent downtime?
• How will you get back up and running quickly?
Any security strategy must address both the technical and human vulnerabilities. The people aspect is huge, because no technology alone can stop it.
* Follow Gadget on Twitter on @gadgetza