Security company ForeScout has some disturbing new statistics about the state of digital corporate security. According to their research, 85% of IT professionals surveyed said they lacked confidence in their ability to spot a new device, imported by a user as it appeared on, and connected with the company’s network.
The danger here is that you can’t guard against threats you cannot see. Many of the devices brought in by employees lack proper security, and some devices lack any security at all. If these are connected to your company’s network, they provide an easy access point for any hacker looking to breach your security. As things stand now, the two biggest security risks are BYOD (Bring Your Own Device) gear introduced to the network by employees, and the growing proliferation of IoT (internet of things) devices that collect and supply massive amounts of data. Unfortunately, there hasn’t been very good coordination between IT and the rest of the employees in most companies when it comes to devices of either category.
What should be happening is that if a new, unknown and unrecognized device is added to the network, it should alert IT immediately, and be shunted into a sandboxed part of the network with extremely limited access, until it can be assessed by IT for potential security risks. Once IT is satisfied that the device is properly protected, its status can be upgraded as appropriate. Unfortunately, that’s not happening, or rather, it’s not happening in a very high percentage of companies.
Do you know how many devices are attached to your network at any given point in time? Do you know if those devices are secure? Are they all trusted? Do they have appropriate levels of network access? These kinds of questions can literally make or break your business. If you’re not sure, and you need help getting a handle on it, call us today, and a member of our team can assist you in assessing the current state of your digital security, and make recommendations from there.