Protect Yourself from BYOT (Bring Your Own Threat) Home Insights Blog Protect Yourself from BYOT (Bring Your Own Threat) June 05, 2019 Protect Yourself from BYOT (Bring Your Own Threat) In addition to their talents, every employee brings their own devices, sometimes networks, and thus their own challenges to IT staff. Basically – new hires mean potential new threats. Security professionals need to embrace new approaches to employee productivity and access yet also keep enterprise data separate from personal data. It’s a delicate balance. In addition to setting up account access and limiting data access by giving permission only where it needs to be, there are further considerations if workers are remote, such as making sure their home network is secure. The following are a few tips for onboarding employees without onboarding new threats. Protecting Yourself = Network Protection Start with early and frequent remote employee security training and awareness seminars that discuss home network security. Include things like: Family privacy When should a family member share personal information? What should they never share? Methods for blocking potentially malicious sites Open DNS Securing a home router and wireless network Changing the router’s default password How to install anti-virus software on home computers Email/phishing awareness for all family members Identity protection Personally Identifiable Information (PII) Some of these examples may seem simplistic and obvious. However a remote worker’s network is a weak link in your security program. Educating employees is a simple, proactive approach to helping mitigate risk. Be sure to extend your policies and protections to the cloud. Don’t fall into a false sense of security by thinking that whatever you've done on-premises is enough. Cybersecurity protections need to follow mobile users, wherever they go. This goes for web browser protections as well. Those Ubiquitous Mobile Devices Whether they are remote workers or not, another of the biggest threats to your network is employees who access their email, files and data on personal devices. Why is cracking mobile devices so simple? Unfortunately, they are usually a security afterthought and users can be complacent in applying updates and patches. Even software developers and IT professionals often neglect to update the software on their mobile devices. The problem with not updating mobile devices is that outdated software is a prime target. Manufacturers do recognize that it’s often inconvenient to update software and wait for a smart device to reboot so automatic downloads and installs are becoming more prevalent. Until that process is as ubiquitous as mobile devices, make sure employees take the simple, albeit slightly annoying, step to update their software at the recommended times. It’s imperative that your network is shielded from OS exploits, malicious links in both emails and SMS, infected apps, man-in-the-middle attacks and other exploits. Network Protection = Employee Protection In addition to teaching remote workers how to protect themselves and ensuring the software on employees’ mobile devices is up-to-date, here are a few additional tips to help keep everyone protected. Build a remote worker or Bring your Own Device (BYOD) strategy. Requirements on what is appropriate use of the corporate network, including proper data access. Mobile malware prevention solutions. Block malicious websites and prevent suspicious file downloads. Institute a mandatory malware prevention installation policy. Think beyond Mobile Device Management (MDM) and Enterprise Mobile Management (EMM) solutions. These solutions only manage devices and provide basic features like device wiping if the device is lost or stolen. They do not protect against things like unknown zero-day malware. Create an awareness program. Help employees understand what they can do to keep themselves secure, including tips on router hardening, free anti-virus software and privacy help. This creates culture of cybersecurity awareness and empowerment that employees will operate in — at home and in the office. Log all remote access. Does Joe in customer service normally log in from a far-off country at 2AM EST? Knowing where your employees are and what their normal business hours are protects everyone. Do not allow corporate data and applications to mix with personal data. When needed, encrypt files to ensure that only authorized users can access them. Implement anomaly detection. Set up alerts when someone accesses the network remotely from a foreign country, connects at an odd time of day or moves large quantities of data off-premises. Enforce virtual desktops for remote access with limitations on data access and movement. This provides security measures around personal devices because data cannot be downloaded). Protection = Identity and Data Management Because mobile device management and remote network management are part of your identity and data management program, your security team needs to be operating with cloud-based centralized management and dashboards that provides real-time threat intelligence and visibility. With the increase in mobile and remote work environments, organizations can be at risk or under threat by not securing devices, access and credentials. Instituting a holistic security strategy and appropriate policies will allow organizations to accommodate the ever-evolving mobile workforce without sacrificing security, data or IP protection. Maximize the value of your identity program and streamline operations in your business. Download our eGuide to learn more. By: Optiv Share: Threat Network Security PII How Can We Help? Let us know what you need, and we will have an Optiv professional contact you shortly.