May 09, 2012

SC Congress Canada: Policies can combat mobile worries

While some industry professionals focus on securing mobile devices, expanding threat vectors and implementing stern policy are what should be keeping them busy, a panel of experts said Wednesday at the annual SC Congress Canada in Toronto.

As cyber criminals search for vulnerabilities or weak access points in enterprise networks, malicious activity aimed at mobile devices is on the rise, according to the bi-annual McAfee Threat Report. However, security professionals shouldn't be losing sleep over the influx of these modern-day endpoints, Faiza Kacem, manager for IT security and disaster recovery at the National Bank of Canada, said at the session.

"I would say that the mobile devices themselves do not bring any new threats," she said. "It's the points of entry that have increased."

Although the bring-your-own-device (BYOD) trend is currently one of the hottest topics in the industry, mobility is an issue that's been faced before, Kacem added. The real problem is figuring out a way to provide appropriate instruction to users.

"We have to make sure we have the proper framework in place and make them aware that those devices can bring another vector to attack," she said.

One of the best possible ways to deal with emerging mobile threats is to build a security-minded culture within the enterprise, said Larry Ponemon, chairman of consulting firm Ponemon Institute. Not only do policies have to be written properly, but they must consist of things that can actually be enforced.

"They key variable is keeping a perspective on this, and it's not going to be a technology fix," he said. "This [BYOD] is like other security risks, but it's a monster because it affects so many companies and so many people."

The new generation of employees referred to as "digital natives" are accustomed to bringing in their own devices to the workplace. Companies have to adapt to ensure productivity, said Michelle Warren, president of MW Research and Consulting.

"We have this generation coming out of school that bring in the products and insist they know how to work best," she said. "Organizations are forced to deal with this change and how they implement policies."

Similar Articles
Related Topics
Related Links

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.