THERE HAS BEEN AN INCREASING NUMBER OF CYBERCRIMES OVER THE PAST THREE YEARS – PARTICULARLY IN ESPIONAGE AND CYBER HACKING. ACCORDING TO THE PONEMON INSTITUTE*, AN AMERICAN ORGANISATION THAT CONDUCTS RESEARCH ON DATA PROTECTION AND SECURITY, CYBERCRIME HAS MORE THAN DOUBLED OVER THE LAST THREE YEARS AND THE FINANCIAL IMPACT OF THESE ATTACKS HAS INCREASED BY ALMOST 40%. IN AUSTRALIA ALONE, IT IS ESTIMATED BY SYMANTEC THAT CYBERCRIME HAS COST AUSTRALIANS $1.65 BILLION IN 2011. IN THE NORTON CYBERCRIME REPORT 2012**, SYMANTEC REPORTED THAT CYBERCRIMINALS WERE INCREASINGLY SETTING THEIR SIGHTS ON MOBILE PLATFORMS.
Although large enterprises, hosting providers and even government departments have been the victim of cyber-attacks over the past year, as often documented in the press, many targets have been small and medium-sized enterprises. The cyber-attacks carried against small and medium-sized enterprises have usually been the theft of financial data such as credit card details. With simple security measures in place, 90% of these crimes could have been prevented. However, it is taking many organisations up to seven months to detect a breach of their system.
On the overall scheme of things, financial crime has actually fallen in comparison to cyber hacking and espionage which have increased over the past year. Such crimes are usually carried out against large enterprises. Login credentials were a particularly commonly targeted vulnerability where 74% of cyber-attacks have targeted remote access entry points. With the increasing popularity of the BYOD (bring-your-own-device) initiative where employers are permitting their employees to use their own devices at work to access company data, what measures can an organisation take to ensure that if they offer employees the ability to access company data remotely, that these entry points are secure?
According to Craig Moore, Solentive Software’s Lead Architect, the rapid development and adaptation of mobile computing platforms, from laptops to tablets and smart devices is placing increased pressure on organisations, both big and small, to support remote computing if they want to stay competitive in an increasingly tight market.
“A large portion of companies who have fallen victim to cybercrime are usually running legacy remote access frameworks designed to manage corporate devices such as SOE (standard operating environment) laptops and old smartphone models. These devices are not equipped to manage today’s remote access needs and cannot be adapted. The use of these devices has led to increased exposure of corporate infrastructure and digital assets as access points are opened around the existing infrastructure to support short term needs,” explained Moore.
“Remote access is quickly taking precedence over the provision and maintenance of adequate security in the rush to keep up with efficiency demands. However, performing the two does not have to result in large scale expenditure. Rather, they can be achieved by taking the time to understand the remote access needs of the business,” continued Moore.
The following should be taken into account when developing a viable security solution that satisfies the core needs of the business:
Employees do not necessarily need the same level of access remotely as they do when they are on-premise. Most users only need a small subset of their normal access when working remotely. By understanding and identifying employee access requirements, some components can be exposed on a required basis only, to ensure that data is not unnecessarily at risk when it is not needed. Every employee does not need to have access to the entire company network on their smartphone.
Do not rely on users or the devices themselves to secure your digital assets.
Look for secure cloud-based services where on-premise is not a necessity. Secure cloud services are designed to be accessed remotely.
Move with the times and look to the future. Understand what you are trying to achieve and adapt to the changes in technology rather than resisting it. The IT landscape is dynamic. The management practices of remote computing five years ago do not apply in today’s world. The popularity of BYOD and the devices and platforms that are now available to support this are not going to go away, so rather than trying to prevent employees from using these devices, strategically plan for their use.
Unify and simplify remote access and security policies. If the policy document is too long, most employees will view the policies as antiquated and ignore them. Simplifying the language of the policy will help end users to understand and adhere to the policies.
Regularly check server logs for suspicious activity.
However, Moore points out that the most important point is to educate your users.
“Do not assume that they will follow your policies just because you sent them an email to say that they have to. It is important to help them understand what you need them to do in simple terms and why. Any breach in security or cyber-attack is almost always initiated by the action of a user,” concluded Moore.
* Rawlinson, K; & Doss, M., HP Research: Cybercrime Costs Rise Nearly 40 Percent, Attack Frequency Doubles, October 2012 – (Hewlett-Packard)
** 2012 Norton Study: Consumer Cybercrime Estimated at $110 Billion Annually, September 2012 – (Symantec)