Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Infographic: With BYOD, Mobile Is The New Desktop
Newest First  |  Oldest First  |  Threaded View
RyanSepe
0%
100%
RyanSepe,
User Rank: Ninja
7/25/2014 | 8:50:16 AM
Re: Ingrained Security
14000 give or take a fluctuation of 500 because we are a teaching hospital and onboard/offboard medical students/residents at different times of the year.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/24/2014 | 10:51:16 AM
Re: Ingrained Security
Sounds interesting. Keep us posted on your progress. BTW how many users do you support?
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/24/2014 | 10:26:39 AM
Re: Ingrained Security
We are in the process of incorporating an MDM and EMM solution. I will have more metrics then but as an enforcement mechanism you cannot gain access to clinical apps without going through a VPN set up through an app client. The app client access is provided via Group Membership in AD. Essentially, if we haven't sanctioned you for access you can only use your cellular network or a guest wireless solution which doesn't have any internal ramifications.
ATG4
50%
50%
ATG4,
User Rank: Apprentice
7/23/2014 | 11:19:56 AM
Managing BYOD
BYOD will continue growing as mobile devices continue to play a greater role in our lives.  Does BYOD come with headaches?  Of course it does.  However, security issues and IT management headaches (how do I support all those devices?) can be addressed by using new HTML5 technologies that enable users to connect to applications and systems without requiring IT staff to install anything on user devices. For example, Ericom AccessNow is an HTML5 RDP client that enables remote users to securely connect from iPads, iPhones and Android devices to any RDP host, including Terminal Server and VDI virtual desktops, and run their applications and desktops in a browser. This enhances security by keeping applications and data separate from personal devices.

Since AccessNow doesn't require any software installation on the end user device – just an HTML5 browser, network connection, URL address and login details - IT staff end up with less support hassles. The volunteer or temporary employee that brings in their own device merely opens their HTML5-compatible browser and connects to the URL given them by the IT admin.

Visit http://www.ericom.com/BYOD_Workplace for more info.

Please note that I work for Ericom
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/23/2014 | 11:02:51 AM
Re: Ingrained Security
Ryan, how does your company monitor how many byo devices/apps employees are using on the network and whether appropriate safeguards are in place and being used. Functionality with security makes a lot of sense. But what is the enforcment mechanism?
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/23/2014 | 8:55:39 AM
Ingrained Security
The bottom of the infographic is what I deal with most at my enterprise. The common thought process is functionality vs security when it should be functionality with security. The best way to accomplish this is to have security safegards in place on the vendor side before deployment. This can be more easily accomplished if organizations pushed harder to only incorporate solutions that have a strong security backbone. Instead of incorporation then addition. The previous method allows for minimal learning curve.

Also, as stated below in the comments awareness is a huge factor. Having safegards in place is not enough and it is our job as security professionals to reiterate and educate the public as to why taking proper actions with their devices and following protocols is so important.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/23/2014 | 8:44:39 AM
Re: mobile ... the next challenge
Mobille is definitely the next challenge when one-third of all employees don't even know what their company mobile BYOD policy is and that each of them are using devices at work with 21 apps a piece. These number are quite startling!
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
7/22/2014 | 5:27:22 PM
mobile ... the next challenge
You are right ... mobile devices are comparable to desktop PCs in term of computational capabilities, the biggest issue related these platforms is the lack of awareness of principal cyber threats.

Users are unaware of the risk to use mobile devices without any defensive solutions, the risks increase if we consider the promiscuous usage (work/free time) of devices and bad habits of mobile users.

 

 

 

 


COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/30/2020
'Act of War' Clause Could Nix Cyber Insurance Payouts
Robert Lemos, Contributing Writer,  10/29/2020
6 Ways Passwords Fail Basic Security Tests
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/28/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Measure and Reduce Cybersecurity Risk in Your Organization
In this Tech Digest, we examine the difficult practice of measuring cyber-risk that has long been an elusive target for enterprises. Download it today!
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15703
PUBLISHED: 2020-10-31
There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivile...
CVE-2020-5991
PUBLISHED: 2020-10-30
NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.
CVE-2020-15273
PUBLISHED: 2020-10-30
baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. The issue affects the following components: Edit feed settings, Edit widget area, Sub site new registration, New category registration. Arbitrary JavaScript may be executed by entering specific characters in the account that can ac...
CVE-2020-15276
PUBLISHED: 2020-10-30
baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Arbitrary JavaScript may be executed by entering a crafted nickname in blog comments. The issue affects the blog comment component. It is fixed in version 4.4.1.
CVE-2020-15277
PUBLISHED: 2020-10-30
baserCMS before version 4.4.1 is affected by Remote Code Execution (RCE). Code may be executed by logging in as a system administrator and uploading an executable script file such as a PHP file. The Edit template component is vulnerable. The issue is fixed in version 4.4.1.