Christmas and New Year are very busy times and cyber security often takes a back seat with the new devices delivered by Father Christmas. However, the importance of basic cyber security measures should never be underestimated, particularly when these new devices are brought into the workplace and granted access to the network.
BYOD (Bring Your Own Device) is in theory a great thing, making flexible working easier and meaning that businesses do not have to invest in technology for employees, as they can use their own. However, in the same way that a new employee wouldn’t be expected to work properly without an induction, ensuring proper controls are in place for personal devices in the workplace is essential. With all of the benefits that BYOD brings, there are as many security risks that make your business vulnerable.
Below are some of the things that we would suggest you do at a minimum to ensure that the new personal devices and your business remain safe.
Bring Your Own Device Policy
By devising and implementing a clear bring your own device policy, your employees know exactly what they are allowed to do, and what devices they are allowed to use when bringing their own devices to work.
By outlining a procedure, you ensure that standard processes, such as IT checking the device for vulnerabilities before connecting to the network, are clearly communicated and followed. Also, in any instances where the procedures aren’t followed and may lead to a security breach, you have a policy with which you can discipline employees accordingly.
It important to ensure that all apps and software are patched and up-to-date to protect against vulnerabilities that have been discovered in older versions of the software. If you are an Eventura customer, it is likely that we are doing this for you on all devices we are aware of, but for personal devices we cannot monitor this if we do not know they are used for business. Software vulnerabilities are not something you can ignore. If you don’t update your software, you’ll leave security holes open for cyber criminals to take advantage of. Software updates both deliver new features and fix security issues. Both parts of this equation are equally important. (Software Updates + New Features = Good patching).
Having a documented approach to patching and making sure it’s completed fully is a major step in ensuring you’re protected against common threats. It’s not just Windows that’s susceptible. If you use popular software or apps, like Java, Adobe Flash, Adobe Shockwave, Adobe Acrobat Reader, QuickTime or popular web browsers i.e. Chrome, Mozilla Firefox or Internet Explorer, these need to managed as well.
Think, do you know how long your device has been stored in the box before unwrapping? How can you be certain that no vulnerabilities have been addressed in updates, unless you look?
Change default usernames
There have been a number of reported incidents where cyber attackers have leveraged manufacturer default credentials to carry out attacks and compromise devices. To help protect from this threat, you should change the default usernames and passwords on each new device.
There are a few things you need to pay attention to when looking to set good passwords. First of all, don’t use the same password in more than one account! The justification is simple – if one of your online accounts is hacked, then the others will soon follow. By using different passwords, you minimise the potential loss you could suffer in case of a password breach. Stay clear of the obvious stuff such as a relative’s name and DOB, significant dates, numbers for vowels, sports teams, string of numbers and patterns from the keyboard.
Antivirus and Antimalware
You should have anti-virus or anti-malware products regularly scanning your devices and network to prevent and detect threats. You need to make sure they are kept up-to-date, switched on and monitoring the files that they should be. You must be ready to act upon any alerts issued by the AV and malware protection.
There are a number of online resources offered by the National Cyber Security Centre that offer advice on how to secure your personal devices. To be redirected to their website, for more information, click here.
Equally, if you have concerns about cyber security within your business, feel free to contact us for advice. We are able to help you put in place all of the measures mentioned within this article, along with many more. Our team of experts have a great deal of experience in helping businesses to become and remain secure online.
Extra Top Tip: If your children received mobile devices for Christmas, ensure that parental controls are switched on to hide harmful content, control in-app purchases and manage how long children spend online.