BYOD – Bring Your Own Device
Mobile and BYOD (“bring your own device”) security continues to be a pressing concern for businesses of all sizes and verticals. Everyone is bringing their own devices to work, and, as ever, this creates countless new vulnerable spots in an organization’s network. Security awareness is generally not, after all, a strong suit among employees.
It’s become so pervasive, and employees become such an unwitting vector for cyber crime, the Federal Trade Commission has actually stepped in and offered some security advice for users. The basics are all included. Two-factor authentication, passcodes, pattern locks, finger scanners, and the like are key, as well as being cognizant of which devices are synched with which accounts.
Why did the FTC feel this was necessary? The information might be simple, but the data indicates it’s not being used wisely. Last year, according to a study from Javelin Advisory, identity fraud rose 16% among US consumers. Meanwhile, losses increased by $700, in tandem with a decrease in consumer spending partly attributable to more fraud on existing accounts. I’d say reminders like the FTC’s remain crucial.
It’s all part of the overall trend: more connectivity, growing fraud, and weak identity verification controls. Across the board, unfortunately, the trend isn’t improving. Only two short years have passed since the Office of Personnel Management experienced one of the largest data breaches ever in government, and though some lessons may have been learned in its wake, we are still woefully unprepared on so many fronts.
Already we’re mired in a whole election hacking scandal, when all of a sudden, more elections reveal glaring security shortcomings. In this case, private research into the recently concluded US House election in Georgia uncovered a serious hole pertaining to election operations and voting machines. Georgia is already a particularly vulnerable state, due to its reliance on outdated touchscreen voting machines that give no paper trail. Here, an error in server configuration allowed Logan Lamb to access a registration database with information on almost 7 million voters, poll worker passwords, and software for Georgia’s electronic poll books. His decision to share his findings publicly came in light of reports like the NSA’s and Bloomberg’s, about Russian military cyber attacks on election infrastructure and voter data in a number of states.
Whatever the truth may be, everyone is vulnerable, from the personal level to the state. Tensions run high with doubts ranging from election interference to insecure network access at the office. Nobody should let themselves fall behind in the security game, and yet, too often that appears to be the reality of the situation.