Bring your own Device (BYOD) and Network Security

Increasingly, businesses are receiving requests from employees to allow them to bring their own device into the business network environment. In some cases, small businesses may actually encourage the practice in the misguided belief that they can reduce the cost of providing equipment that is necessary for staff to perform their jobs.
From IPhones, Ipads, and Andriod smart phones, to laptops, external hard drives and thumb drives all these devices are outside the control of the network system administrator and all are vectors of potential attacks and sources of intended or unintended viruses, malware and general security risks.

A decent percentage of attacks that occur on an organization’s infrastructure are initiated by people internal to the organization. Most of these attacks are unsophisticated.

Internal attacks may be initiated by a disgruntled employee. Until fairly recently, the tools that disgruntled employees could use to carry out these attacks were limited. Unless they have some level of skill, most people aren’t able to install hacking tools on locked down corporate desktops; however this is much easier to accomplish on a personal device brought into the business computer network.

The future of attacks against network infrastructure by disgruntled employees can be broken down into three basic categories:

1: BYOD means that a lot of people are no longer using locked-down corporate desktops. A disgruntled user in an organization that allows staff to  BYOD going to be able to install and deploy any number of automated exploit tools on an the organizations computer network with a lot less effort than a disgruntled user of a locked down corporate desktop.

2: Gen-Y and millennials are far more computer literate than Gen-X and Boomer employees. This doesn’t mean that they necessarily know the details of how to compromise a network, but it generally means that they are more likely to be able to locate “script kiddie” type automated exploit tools that make it relatively easy to exploit a network.

3: The growing culture of hacktivism, popularized by the efforts of groups such as “Anonymous” means that more of these disgruntled, computer literate Gen-Y and millennial employees are going to lash out using hacking tools. In the coming years, we’re going to see a lot more these types of incidents from disgruntled computer literate employees.

Having a BYOD policy can make it very difficult for the network computer systems to be secured and properly protected as the vast majority of security products and procedures are by design, intended to protect the internal computer network from external attacks.

From a security perspective, the most difficult part of the attack has already been accomplished by a device that is not under the control of the Systems administrator, and therefore has not been properly configured and secured is on the network and interacting with the vital Computer network systems.

Network security is paramount to the productivity of any business.  Wondering how one can easily compromise your business network?  Advanced Network Consulting offers a no-pressure, one hour on-premise complimentary technology analysis.  We meet with you and your company officers, discuss your needs, wants and goals, and formulate a plan to secure and maintain your network.  We look forward to providing customized, practical technology solutions for your business.