It’s the most wonderful time of the year and if you’re like me, you’re already counting down the days until Christmas. It’s a time to be with friends and family with the added bonus of unwrapping those gifts under your tree. What most of us don’t think about is how those gifts can affect our organizations.
The list of connected devices, from smartphones to watches and tablets, grows each year, and more people are receiving them as gifts. Unfortunately for you, these devices aren’t just staying at home. Each year, more businesses are forced to adopt a “bring your own device” (BYOD) policy in order to let these foreign machines onto their private networks. If you have a BYOD policy at your organization, you need to be prepared for these new machines.
Why this is a Threat
Recently, there was an article published explaining how a secret backdoor was built into smartphones which sent information back to China. This software was pre-installed on the machines and monitored data sent or received as well as things like where you go, who you are talking to and what you are texting. The ‘experts’ aren’t sure if it is collecting this data for future targeted advertising or if this was an attempt at Chinese intelligence gathering but either way, it’s unnerving.
This software was installed on over 700 million phones, cars, and other smart devices. To reiterate, this wasn’t a bug. This software was purposefully installed onto these machines without the customer approving or knowing that it existed. For an organization, this is even scarier: a breach on one of these devices while it is on your network could put your entire organization at risk, as well as compromise the privacy of your manufacturers and customers.
How to Stop It: Network Threat Detection
Here at Core Security, we often say, “You can’t stop what you can’t see.” This is still true in the realm of network device detection. If you can’t see the traffic going to and from each device on your network, then you can’t see malicious acts. Even if you could see them all, there are billions of interactions on the web each day. It is impossible to monitor them all. So what can you do? Invest in a network threat detection solution that can:
With over 25 billion internet records being created daily, it’s too hard to find the malicious actors within. A network threat detection solution allows you to analyze this traffic on all devices and alert you to malicious payloads and bad actors based on unusual behavior on the network. A good solution should look beyond just malware, and use multiple behavior analysis techniques to uncover malicious activity.
Your network safety is too important to spend your day chasing false positives. Some things will look like a threat just because they are different from a normal pattern. However, this may be the result of a new device, a new role, or even a new resource found on the web. A good solution should monitor and compile all evidence on devices over time, comparing the who, what, when, where, and how to pinpoint assets (devices) that are fully compromised and pose the biggest threat.
Where do you start? Just like with scanning data, you are given hundreds or thousands of risks to your network but without context, you won’t know which issues are putting you at more risk than others. Through validation, you can understand how each risk affects your organization and rank them accordingly.
Now that you have validated and ranked all of these risks, the real work can begin. With a ranked list of true positive infections on your network, you are helping your team focus their time and resources on the biggest threats. By prioritizing this workflow, you are more likely to fix more risks, keep your network healthier, and improve your network security posture.
Will you know if these new holiday gifts are infected? Of the 700 million people who own these devices, most have no idea and, even when looking for infections, they are rather hard to spot. Now is a good time to review your organization’s BYOD policies and procedures and communicate the rules to your workforce in preparation for the new influx of devices. Don’t let your organization be at risk for things you can’t control. Invest in a network threat detection solution that can help you have complete visibility into threat activities on your network.