Follow on Google News
News By Tag
* AccessData
* BYOD
* It Security
* Android
* More Tags...
Industry News
* Technology
* More Industries...
News By Place
* United Arab Emirates
* More Locations...

Country(s)
United States
Australia
India
Hong Kong
England
China
- - -
More Countries


Industry News





April 2024
FrThWeTuMoSuSa
19181716151413

Follow on Google News

AccessData Advises ‘Keeping Eyes on the Enterprise’ for Mitigating BYOD Risk in the Middle East

Bring Your Own Device a popular trend emerging in the region carries with it security risks that need to be addressed through appropriate measures
By: AccessData
 
May 19, 2013 - PRLog -- DUBAI, United Arab Emirates: The prevailing movement that is becoming popular in the Middle East, labelled ‘Consumerization of IT’ or Bring Your Own Device (BYOD), will continue to shift the way employees interact with enterprise applications and information, which raises considerable security challenges to any organization. These devices may include an array of tablets, including Apple® and Android™ smartphones, “Wintel” laptops, and devices we have yet to see. For some organizations, such as universities, the array of user devices may be unlimited, and therefore their grasp on securing data may be tenuous for quite some time. Other organizations will be in a better position to leverage policy to control the acceptable devices allowed and to ensure they have the ability to investigate these devices as needed.

Paul Wright, manager of professional services and investigation team, Middle East, India and Africa at AccessData says that employee productivity and flexibility, reduced operational costs, ease of employee provisioning, and organizational agility ensure that BYOD is here to stay. However, to make BYOD viable, organizations rely on two key ingredients: authentication and policy. Authentication ensures that the right individuals and devices are allowed access to the appropriate resources. Policy ideally defines what is allowed from a usage perspective, establishes the organization’s right to investigate employee-owned work devices, and outlines any security applications that are required to be installed on the employee devices.

Much of the industry conversation revolves around an organization’s ability to monitor and examine employee-owned devices. Due to legal questions and privacy requirements, many organizations still do not have BYOD policies, as described above. However, whether an organization has successfully implemented a concrete policy or not, the fact is the most critical elements in securing your enterprise against BYOD threats is enterprise visibility and remote remediation capabilities. If you can’t see what’s happening on the computers, servers and shares across your enterprise, as well as within network communications, you can’t effectively defend yourself against any threat, let alone those originating from employee-owned devices.

BYOD programs increase risk and compound the challenges organizations struggle with every day. Unfortunately, many of the threats that increase with the introduction of a BYOD program are often not preventable.

Theft or Loss of Sensitive Data
How do you prevent personally identifiable information from being copied onto uncontrolled devices? What stops a user from utilizing their phone camera to snap an image of sensitive content?

Breaches of Acceptable Use Policy
Can users of BYOD devices access internet sites that violate acceptable use policies designed to limit risk? For example, BYOD users may be more likely than corporate users to fall victim to a phishing attack, resulting from a visit to a malicious website.

Malware
Introducing employee-owned devices to the enterprise exponentially increases the opportunities for malware exploits. Many of these exploits are new and undefined, which means they are not caught by traditional, signature-based tools. So how do we increase our ability to detect?

Malware, in particular, is a growing concern, as the exploits targeting BYOD are increasing in frequency. It was discovered that “Find and Call” was actually a dangerous address book harvester, freely available on the protected Apple App Store. Then there’s the Android “Marketplace,” based on the Google open source operating system, which more or less invites malware development. Furthermore, BYOD includes windows-based computers not owned and controlled by the enterprise but used by the employee primarily for work. Can we rely on users to update their anti-virus, anti-malware and patch levels? Hardly.

While the ability to forensically examine, monitor and remotely secure BYOD devices is critical, the most effective approach to addressing the increased risk presented by the BYOD trend is to keep eyes on the enterprise. Proactive host and network monitoring, and integrated analysis of that data allows organizations to detect and remediate data leakage and malware, even when its missed by IDS, DLP and other traditional preventative tools.

Inside the enterprise, proactive steps that look for policy violations, vulnerabilities and irregularities should include:

Regularly scheduled audits of servers and computers across the enterprise to identify confidential or classified data.

Enterprise scans to identify malicious code that antivirus and IDS may have missed.

Network traffic capture and forensic analysis.

Depending on the BYOD model, organizations may implement a mobility management solution that focuses on applications, information, policy, devices, and so on. However, despite the approach to handling BYOD devices, there remains a real need to ensure that employees are complying with BYOD policies, that there is protection against data leakage, that inappropriate or inadvertent network access is not happening, and that corporate assets remain free of malware. This is not possible without complete and proactive enterprise visibility.

About AccessData
AccessData Group has pioneered computer forensics and litigation support for more than 25 years. Over that time, the company has grown to provide a broad spectrum of stand-alone and enterprise-class solutions that enable digital investigations of any kind, including computer forensics, incident response, eDiscovery, legal review, IP theft, compliance auditing and information assurance. Its AD eDiscovery product, which is built on the industry-leading Forensic Toolkit® (FTK®) technology, is an automated, in-house solution that addresses the left half of the EDRM model. It enables litigation hold, identification, collection and preservation, processing and de-duplication, ECA and first-pass review, and then generates a load file for common third-party review tools. AccessData's award-winning AD Summation legal review technology addresses the right half of the EDRM model and is the gold standard throughout the legal community, having received more than 45 legal industry technology and “Reader’s Choice” awards since 1997. More than 100,000 users rely on AccessData. From desktop and server applications, to hosted solutions, AccessData combines its innovative technology with market-leading expertise to provide the decisive advantage for Governments, Militaries, Businesses and Law Firms and Legal Departments, large or small.

More information is available on the company website http://www.accessdata.com  

Product Contact

Geoff Brooks

AccessData Group

Tel: +971 (50) 6527659

Email: gbrooks@accessdata.com
End
Source:AccessData
Email:***@procre8.biz Email Verified
Tags:AccessData, BYOD, It Security, Android
Industry:Technology
Location:United Arab Emirates
Account Email Address Verified     Account Phone Number Verified     Disclaimer     Report Abuse
Procre8 PRs
Trending News
Most Viewed
Top Daily News

Most Viewed
Top Daily News

May 19, 2013 News



Like PRLog?
9K2K1K
Click to Share