When a burglar chooses a house to break into, he scours the local neighborhoods looking for the home with the most lax security features. Overgrown shrubbery, no bars on the windows, no security sign in the front yard — these are some of the signs that it will be easy to get into and out of an unguarded home.
Cyber Criminals Look for the Easiest Targets, Just Like Burglars of a Physical Nature
Cyber criminals look for signs of a lack of security too. They look for networks that don’t use smart monitoring at the device and level, don’t employ smart user authentication, and don’t have mobile device management plans in place. Here, they can sneak in undetected and have a field day, stealing data and corrupting systems at will. Criminals are good at choosing the path of least resistance, so you don’t necessarily need to have impenetrable security, you just need to have better security than the next potential target. Will you be the home with the bars on the windows, or the one left unprotected?
Don’t Automatically Trust Devices on the Network
There are basically three schools of thought when it comes to protecting a network, especially in an environment in which mobile devices are in play. The first school blocks only access from devices, applications, or users that are known to be a threat. As threats are identified (such as tell-tale signs that a bot is attempting to log in), those are blocked, but all other devices and users are allowed access. This means that all threats that are not yet identified are allowed access, and significant damage can be done in the interim.
The second school allows access to all devices and users that aren’t known threats, but monitors everything that those users and devices are up to. In other words, until a device proves to be problematic, it’s allowed access. This is obviously much better than the first way of approaching security, and hampers productivity less than the third and final school.
Lastly, some network security specialists require that every user and all devices are authenticated before those are allowed access to any system on the network. While this is obviously the most secure approach, it also means that a lot of legitimate users are blocked, requiring help from IT to gain access (which is time consuming and costly), and their productivity is halted in the meantime.
Assume Users Will Click on Everything
Aside from taking a proactive approach to network access, you’ll need to take a proactive approach to systems design. Assume that some user somewhere will click on everything eventually, finding lots of things they’re not supposed to access. Don’t assume that all users will follow the paths you establish to do what they need to do. This is even more true when mobile devices are using your systems, because it is quite easy to accidentally click something you didn’t mean to with an errant touch of a finger. Design systems so that users can only access what they are meant to see, and that they are assigned the right level of access to alter only what they have a legitimate reason to, per their job description.
There is a lot to know about endpoint security in IT environments where mobile devices are given access. This includes most networks today. Learn more when you watch our webinar: How to Add Advanced Threat Detection to Your MDM.