Organizations that permit BYOD must have a security policy that takes this into consideration, since personal devices may be used to carry Trojan horses onto the network—whether deliberately or inadvertently.
Hong Kong (PRWEB) July 05, 2013
With Internet connectivity and mobile devices becoming ubiquitous and cloud computing and big data continuing to advance in leaps and bounds, "online activity" has come to mean so much more than just sitting at a desk clicking through hyperlinks. In this new age of personal computing, enterprises must understand the risks and threats they face. Nexusguard Information Security Manager Ronald Pong's talk in an Information Security Showcase 2013 seminar—The Impact of DDoS in Corporate Cloud with "Bring Your Own Device" Environment— highlights the implications of "Bring Your Own Device" (BYOD) in corporate environments.
As an industry veteren, Pong notes that security vulnerabilities in a cloud environment generally originate from outside the network—malicious attacks, web apps, or even IT contractors. Current cloud computing guidelines such as the NIST special publication SP800-144, "Guidelines on Security and Privacy in Public Cloud Computing," are only technical references and are not yet comprehensive enough to rely on for risk mitigation in corporate environments. Pong goes on to suggest that corporations should adopt ISO 27001 standards in three critical areas:
1. Security policy
2. Access control
3. Information systems acquisition, development and maintenance
Pong cites the ENISA Cloud Computing Security Risk Assessment to point out that in an environment where cloud computing is deployed and employees are allowed to bring their own device, there is a greatly increased risk of being hit by DDoS attacks. Organizations that permit BYOD must have a security policy that takes this into consideration, since personal devices may be used to carry Trojan horses onto the network—whether deliberately or inadvertently. In extreme cases, denial of service (DoS) attacks may be launched from within the corporate network to obstruct business processes and damage operations and reputation.
Pong emphasizes that organizations must be prepared for the growing threats in a rapidly changing IT landscape. The most effective way, Pong recommends, is working with highly-reputed Internet security experts like Nexusguard on BYOD policy consultation and DDoS mitigation. Nexusguard's wide range highly-customizable Internet security services cater to clients of any size and industry—for example, Nexusguard's ClearDDoS Token is a subscription-based service that provides on-demand, cloud-based security to your networks. For more information, please visit http://www.nexusguard.com.
Stanley Liu - Senior Marketing Executive , Hong Kong
Ivy Wu - Marketing & PR Executive , Taiwan