Better prepare your network for cyber-risks
In November 2016, the Australian Government appointed Dr Tobias Feakin, a security and cyber policy researcher, as the first Australian Ambassador for Cyber Affairs. This appointment, which was made as part of Australia’s $230 million Cyber Security Strategy (CSS), underlines the magnitude and potential severity that successful cyber threats pose to Australian businesses. The changing mix of technologies being used within businesses is also increasing risks, with the wider deployment of mobile applications and the Internet of Things (IoT) infrastructure creating new opportunities for cybercrime.
Mobility is already a necessity for businesses. As the use of mobility technologies increases across Australia, so do security threats. Smartphones and other mobile devices are creating a prime target for criminals. The rapid uptake of bring-your-own-device (BYOD) and wearable technology products such as Apple Watch to the workplace will increase an already high workplace demand for mobile apps in 2017.
To meet this increased demand for mobile apps, developers are now working under intense pressure with razor-thin profit margins. It is clear that in many cases app security and testing are being sacrificed to achieve quick app deployment at low cost. The result is business infrastructure that is more easily hijacked by criminals.
In 2016, the explosive popularity of the Pokémon Go mobile app was a case in point. Without warning, the location-based augmented reality game became a worldwide fad, installed by hundreds of millions of users onto their phones and tablets, becoming the most popular game in mobile history after just a few days. Many of the devices it was installed onto also connected to corporate networks. Soon afterwards, it became apparent that there were weaknesses in the app that led to security concerns and privacy breaches.
According to John Gonzalez, Regional Director ANZ for Extreme Networks, Pokémon Go illustrates why every business needs to be prepared to deal with the unexpected risks caused by the apps installed on their employee-owned smartphones and tablets.
“Businesses need both real-time visibility and control of what is happening over their network infrastructure. Technologies that allow application information flows to be automatically detected, measured and controlled are now essential for cyber-risk management, and should be embedded across your entire wireless and wired network infrastructure.”
Many IT departments lack the resources to anticipate unknown security attacks, but still need to allow users a lot of freedom to access network infrastructure using their own devices, under BYOD policies.
According to the Aberdeen Group, to have real knowledge about your infrastructure, you must have end-to-end visibility of which applications are running on your network. This includes who is accessing the network and on what devices, which applications they are using across the network, and whether the network and its systems are delivering high levels of performance.
Aberdeen Group claims that IT teams which have access to deep visibility and actionable network analytics are far better able to quickly respond to security threats before end-users are seriously impacted.
A study conducted by the Aberdeen Group also found that IT departments which have access to “best-in-class” network visibility tools also have higher ‘very satisfied’ or ‘extremely satisfied’ user satisfaction rates, as well as reduced times for IT department ‘break-fix’ resolutions. Overall, the study demonstrated that end-to-end visibility and application control have a tangible pay-off for end-users, leading to a typical annual 1% year-over-year decline of user complaints, compared to a typical annual increase in complaints of 8% for organisations that did not implement the capabilities.
This means that it is now critically important to implement workflows and infrastructure that deliver higher levels of visibility of device and application usage across the entire network infrastructure, without requiring significant administration overheads or a hit to performance.
Mr Gonzalez said, “When an application hits your network, you need the ability to not only see it, but to automatically make decisions on how you want to handle it. Ideally, you will want contextual security policies that provide fine grained access control, so you can permit, deny, prioritise, rate limit, tag, redirect and audit network traffic based on a user identity, time and location, device type and other environmental variables. Extreme Networks clients are able to implement these types of sophisticated controls across their wireless and wired networks, from the point of connection to the datacentre, without impacting on network performance.”
To reduce your cyber-risks from mobile applications, your organisation should consider benchmarking which applications are already in use on the network, measuring the performance impact on the network of these applications, and determine what ‘policy’ your IT team will take regarding the ongoing use of any specific application. Policy items to consider for any particular application include rate limiting performance, or ‘sand-boxing’ the application to limited use situations, or specific infrastructure.
Because of the huge number of mobile apps that are released every month, it is critically important to take steps to automate as much of this effort as possible, or at the very least, find ways to minimise the amount of your IT team’s time required to deal with the task. Technologies such as application fingerprinting and app profile databases can help IT teams to quickly evaluate the expected behaviour and level of threat of many common applications. These app fingerprinting technologies offer the potential for network infrastructure to automatically update permissions on the fly without incurring administrative delays and overheads, shutting the door on cyber-risks as they become known.
Choosing the right antivirus solution for your business is an important decision that can save...