Tag: Bring Your Own Device

Cloud faces fresh security risks

netthingsA report from Zscaler examines security threats ahead and said the diversity of devices used to access data make it difficult for organisations to stay ahead.

The Zscaler 2014 Security Cloud Forecast says that attacks on DNS servers are increasing and one of the problems is that “tens of thousands” of Internet DNS are not secured. And attackers use DNS techniques mimicking load balancing, with malware using DNS to conceal command and control networks. Companies, in 2014 should monitor DNS traffic, particularly on new domains.

Cloud services rely on HTPPS and SSL for encryption but by the end of this year, the industry standard will become 2048-bit keys rather than 1024 bit.  Visibility becomes as much as five times more difficult with this move.   SSL will be enabled by default for many web services next year.

The move to BYOD – bring your own device – is “the weakest link”, said Zscaler.  When businesses move corporate data to the cloud and people use mobile devices there is no real security appliance between data and device. Zscaler warns to expect mobile attacks using email, web and malicious third party apps.

And the “internet of things” also brings its own problems, Zscaler warns.  Accessing these multiple devices using smartphones is insecure but there is no minimum base level security in place. “In 2014, attackers will make attempts on the internet of things in homes, businesses and in critical pieces of infrastructure,” the report concludes.

BYOD: security, it’s heard of it

byodA survey by Context said that despite the prevalence of BYOD (bring your own device) in the work place, security cannot be guaranteed.

Context says there’s a clear trade off between convenience and security. It examined three products: Airwatch, Blackberry Universal Device Service and Good for Enterprise, in conjunction with IOS and Android devices.

While these products all provide good levels of BYOD security, Context found the underlying operating systems limits what they can achieve.

Alex Chapman, senior consultant at Context, said: “There is no realistic way to guarantee the security of a workable BYOD environment, but organisations can take significant steps towards mitigation of security risks if they combine technical security controls with clearly defined acceptable use policies. MDM…can only lock down mobile devices to the extent that underlying operating systems will permit and BYOD implementations can only lock down devices to a level that users are willing to accept.”

Gartner believes BYOD will save the world

threeiphonesTight-arsed corporate types are planning to shift their computer hardware bill to their staff, according to analyst outfit Gartner.

In a new report, Big G have been talking up the future of Bring-your-own-device, claiming that the trend is the single most radical change to the economics and culture of client computing in a decade.

Gartner predicts that by 2017, half of all employers will require workers to supply their own devices for work purposes. What is particularly unpleasant is the enterprises will more often than not refuse to give money to help employees buy their gear.

More than 38 percent of companies expect to stop providing devices to workers by 2016 and let them use their own, according to a global survey of CIOs.

Basically it means that employees will shift the cost of buying personal computers onto their staff.

Of course, the trend will happen in the US first where employers are allowed to treat their employees like slaves or they are not being patriotic.

Big G said that companies in the United States are twice as likely to allow BYOD as those in Europe.

Companies in countries such as India, China and Brazil are already forcing their staff to buy their own standard mobile phones at work.

By 2015, the number of employees using mobile applications in the workplace will double. Today, roughly half of BYOD programs provide partial reimbursement.

Mass-market adoption of BYOD and the steady decline in carrier fees, employers will gradually reduce subsidies until they are no longer there.

Gartner’s David Willis said that the enterprise should subsidise only the service plan on a smartphone. It is better for them to keep it simple because if they buy a device for an employee and they leave it is impossible for them to settle up.

Employees are generally thought of as being happy with the plan so employers do not have to see it as a cost cutting idea.