Recently, Minister of Communications and Information Yaacob Ibrahim urged companies in the private sector to follow in the Government’s footsteps and allocate their IT budget to cyber security (read the article here).
This reflects a shift in mentality towards cyber threats and IT security – instead of viewing cyber security as a means to protect and defend their digital perimeters and data, most organisations now view cyber threats as an inevitable force and, subsequently, are taking up a more proactive role against them.
However, to be proactive in cyber security, we need a thorough understanding of the current IT environment and, most importantly, we need to understand and embrace the emerging trends in today’s IT environment. Go with the flow, and find out how you can protect yourself.
1. BYOD is here to stay
Mobile penetration has been increasing. We’re constantly discovering new uses and purposes for our mobile devices; we cannot imagine a world (or a day) without them; researchers are now pondering the possibility of smartphone withdrawal symptoms (yes, you read that right, our society is now suffering from a new phenomenon known as smartphone withdrawal).
And while mobile devices have penetrated our daily lifestyles, more organisations are accepting the notion that employees do bring their work home with them through their own devices. It seems like a win-win scenario for employer and employee; BYOD allows the mobile workforce to connect easily to work and this, in turn, increases their productivity while helping their employer to cut down on hardware expenses.
However, BYOD introduces a whole new onslaught of security problems as employees access sensitive work data through their own personal devices. Mobile malware is becoming a bigger threat in today’s BYOD environment. Manually tightening up the security of employees’ personal devices will be too time-consuming. As it is, the industry is churning out new models of mobile devices faster than Santa can wish us a Merry Christmas.
The trick now lies in introducing new policies that will balance out the perks of this new work culture without compromising on security, e.g. allowing only certain models of mobile devices, or limiting the type of sensitive data that employees can access through their own devices.
2. Antivirus software: Planning battle strategies in today’s IT environment
Malware and viruses are getting much more sophisticated, and software development is getting a lot more complicated as it tries to keep up through different approaches and strategies.
There is an ongoing dilemma in the world of antivirus and IT security. There are different approaches to IT security: blacklisting, whitelisting and behavioural-based technologies. Which should we use and to what extent?
Using the analogy of an immigration checkpoint, here’s how each of these approaches will work:
- Blacklisting: As the name suggests, HQ (of sorts) will release a list of names that will not be allowed entry. Hence, security becomes a simple matter of weeding out those on the list. The problem lies in keeping the list updated and ensuring it’s accurate. Blacklisting does not provide any protection against new and unidentified threats. Furthermore, the rate of false positives is a lot higher, as items get blacklisted because they resemble a threat on the list.
- Whitelisting: If blacklisting bars entry to those on a list, the whitelisting approach will only permit entry to those on the list. Whitelisting provides a high level of security and control as it protects systems against zero-day attacks. However, as effective as it is in keeping malware out, it becomes inefficient when legitimate items are unable to get through because they are not on the list.
- Behavioural-based technology: This approach attempts to profile a risk and identify similar threats based on their behavioural patterns. However, with this in mind, certain malware might be able to get through as it is written to look like legitimate software, while some legitimate software might be identified as malware instead because it shares specific features with malware. There are ways to get around a behavioural profile.
So, how should you map out your anti-virus strategy? A combination of all three approaches is required.
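As an added illustration (not part of the original article), the Python sketch below runs the three approaches and a combined policy over four constructed samples, so the gaps of each approach on its own become visible. The file names, behaviour labels, weights and threshold are assumptions made for the example.

```python
import hashlib

def digest(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()

# Constructed samples: name -> (file content, behaviours observed in a sandbox)
SAMPLES = {
    "backup_tool.exe": (b"vetted backup tool", {"mass_file_rename", "writes_autorun"}),
    "old_worm.exe":    (b"known worm", {"writes_autorun"}),
    "new_threat.exe":  (b"unseen malware", {"writes_autorun", "disables_av"}),
    "new_editor.exe":  (b"unseen legitimate editor", set()),
}
DENY = {digest(SAMPLES["old_worm.exe"][0])}       # blacklist: known-bad hashes
ALLOW = {digest(SAMPLES["backup_tool.exe"][0])}   # whitelist: vetted hashes
WEIGHTS = {"writes_autorun": 2, "disables_av": 3, "mass_file_rename": 2}
THRESHOLD = 4  # assumed cut-off for the behavioural score

def score(behaviours):
    return sum(WEIGHTS.get(b, 0) for b in behaviours)

def deny_only(content, behaviours):
    # Blocks only what is already known to be bad; new threats pass.
    return "block" if digest(content) in DENY else "allow"

def allow_only(content, behaviours):
    # Blocks everything not vetted, including new legitimate software.
    return "allow" if digest(content) in ALLOW else "block"

def behaviour_only(content, behaviours):
    # Judges by profile alone, so it can misfire in both directions.
    return "block" if score(behaviours) >= THRESHOLD else "allow"

def combined(content, behaviours):
    h = digest(content)
    if h in DENY:
        return "block"
    if h in ALLOW:
        return "allow"
    if score(behaviours) >= THRESHOLD:
        return "block"
    return "review"  # unknown and not clearly malicious: hold for vetting

STRATEGIES = {"blacklist": deny_only, "whitelist": allow_only,
              "behaviour": behaviour_only, "combined": combined}

def evaluate():
    return {name: {s: fn(*sample) for s, fn in STRATEGIES.items()}
            for name, sample in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdicts in evaluate().items():
        print(f"{name:16}", verdicts)
```

On this sample set the blacklist alone lets the new threat through, the whitelist alone blocks the new editor, the behavioural profile alone blocks the vetted backup tool and passes the old worm, while the combined policy avoids all four mistakes.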
When in doubt, always check that the basics of your IT security are covered. This includes having antivirus software in place and taking a diligent approach to software patching. Talk to your IT guy about user identity management and network management. The whole idea is to cut down on possible entry points for malware and viruses. Having an updated asset inventory will help to ensure everything you own has been patched, and patched right.