Global Survey Shows Personal Mobile Computing Devices Growing Into a Major Cyber Security Concern

A global survey released by Fortinet recently should sound alarm bells for any organization at all concerned with the protection of digital assets and data. Joe Caruso, the founder and CEO/CTO of Global Digital Forensics, discusses the potential real-world impact the growing wave of personal computing devices in the workplace can have on any organization, well substantiated by the eye-popping numbers revealed in the survey, and the importance of performing up-to-date penetration testing and network vulnerability assessments regularly.

  • Share on TwitterShare on FacebookShare on Google+Share on LinkedInEmail a friend

Don't let smartphones and tablets sink your business

it wasn’t that long ago that IT security personnel didn’t have to give a second thought to personal mobile devices as a threat to an organization’s cyber security posture, but those days are over

New York, NY (PRWEB) October 26, 2013

As technology continues to march forward, popular mobile personal computing devices like smartphones and tablets continue to get more powerful and convenient all the time. And as the survey of 3,200 currently employed 21-32 year olds conducted by the independent market research company Vision Critical on behalf of Fortinet earlier this month revealed, “the need for organizations to finally to shift a lot more emphasis to BYOD (Bring Your Own Device) policies, procedures and security awareness has never been greater, or more apparent,” says Joe Caruso, founder and CEO/CTO of Global Digital Forensics.

The line between personal and professional computing is getting blurrier by the day, and that can spell big trouble for IT security.

“It wasn’t that long ago that IT security personnel didn’t have to give a second thought to personal mobile devices as a threat to an organization’s cyber security posture, but those days are over,” says Caruso, “and with even more personal computing devices breaking into the market like Google Glass and smart watches, the problem of controlling and securing digital assets and sensitive data is not going to get any easier any time soon. The survey focused on the young Generation Y crowd, but don’t be fooled, users from every age group are in the mix too. And to further complicate matters, the increasing use of popular, free and easy-to-use cloud-based online data storage sites like Dropbox, and the potential security headaches associated with comingling personal and professional files and data outside of the organization’s control are also important factors that must be seriously considered and monitored.”

Battling a 51% Majority

“But the one number that should cause some sleepless nights for IT security personnel and business owners alike was that whopping 51% of those surveyed who admitted they would ignore any policy which would ban their use of personal devices at work, or for doing work. So it should be crystal clear that stomping out potential security holes related to mobile personal devices is not a problem that will likely be solved by trying to simply remove them from the equation. The same goes for personal online data storage sites. With just about 9 out of 10 respondents stating they have an account like Dropbox, and 7 out of 10 of those saying they use it regularly for work purposes, the potential for bad things to happen on the data security front certainly wouldn’t be considered a longshot by any oddsmaker. Another big problem is that a majority of those surveyed also admitted to being hacked or infected with a virus on their personal devices in the past, and that means there is also a very good chance they will be a great delivery method for hackers to infiltrate the company network as well.”

Assessing, Testing, Building Awareness and Emergency Incident Response

“The best way to deal with the threats posed by the growing BYOD movement, and the other peripheral issues like cloud-based data storage, is by reshaping the organization’s cyber security posture to keep up with the newest trends in technology and user behavior, because relying on yesterday’s assessments, methods, policies and procedures will leave you exposed and vulnerable today. At GDF, we’ve been helping clients protect their most valuable digital assets and data for many years by providing cutting-edge cyber security solutions. Our network vulnerability assessment protocols are constantly being updated to include the newest trends and threats. Our comprehensive penetration testing framework is always being refined to simulate what hackers are doing in the real-world, right now today, from the newest techniques and malware, to full simulations of sophisticated spear phishing campaigns, the number one delivery method for advanced attacks. We work hand in hand with our clients through every step of the process, from identification all the way through remediation, including helping them significantly improve user awareness on today’s cyber threats on an organizational level, because without addressing the human element, everything else is just an exercise, not a solution. And if the unthinkable has already happened, like a data breach or cyber intrusion, we have emergency incident response teams strategically positioned across the country and worldwide who are on call 24/7 to respond to any cyber emergency. In most cases, we can even start the remediation process remotely, which means immediately.”

And Don’t Forget the Power Tools

“We’ve also recently introduced two new software solutions to help IT security personnel combat both outsider and insider threats like never before. We just released the new DBRT, the Data Breach Response Toolkit, which is designed identify and remove the most sophisticated malware in existence today to help effectively stop and remediate even the most advanced cyber attacks, without relying on a known signature. DBRT’s agents can be controlled from a single command and control console so you can push the appropriate agents (Recon, Tactical, and/or Shield agents) to the right systems enterprise wide. You can even inoculate systems against reinfection from any threats identified, again, enterprise wide, and with a single click, right from the console. Visit GDF’s DBRT page to download a trial version and see for yourself.”

“We’ve also just released the new C-All User Activity Monitor|Recorder, which is like a video surveillance system for your network. C-All lets you not only monitor what’s happening in real time, but also lets you roll back time to see what users were up to in the past. You can set triggers to alert you when certain activities are performed, certain files were accessed, certain sites were visited or even when certain keywords are typed, then play it back in video form, so no more guesswork. A trial version is available on GDF's C-All page. “

*Global Digital Forensics is a recognized industry leader in the fields of computer forensics services, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber-incident has occurred, so don’t hesitate to get help. For more information, visit http://www.evestigate.com.