Ipswitch Enterprise Survey Highlights How File Transfers in BYOD Era Need Better Security

By

Recently, the headlines have been about Distributed Denial of Service (DDoS) attacks, governments blocking Internet access and organized criminals as prime suspects in perpetrating cyber mischief of all types.  Plus, every day sees more and more brand names having critical information stolen or their websites compromised. 

However, the facts are that as a result of the Bring Your Own Device (BYOD) era, virtualization and the proliferation of Cloud-based services, as some have cleverly opined, we are now also in a Bring Your Own Danger (the dark version of BYOD) era. We use our devices, which may or may not be authenticated for corporate use, to access unauthorized apps and content and send things over unprotected networks. In short, we want what we want when we want it, and circumvent IT in getting it or engage in unprotected interactions. In many ways, we are our own worst enemies and we have placed enterprise IT in the unenviable position of being accountable for better security in an increasingly complex world, but without helping them as users or giving them the tools they need to mitigate risks as executives with budget authority.  

In discussing all of this with Jeffrey Whitney, vice president, global marketing, he drew my attention to a recent Ipswitch survey that put all of this in stark relief. 

As Whitney noted, “In short, we have users behaving badly or poorly either intentionally or more often unintentionally, and IT with limited visibility into what is going on. This is a recipe for disaster. ” He added that while things like DDoS and malware get the media’s attention, “CSOs (chief security officers) need look no further than file transfers, which make up a significant amount of critical information that is on the move inter and intra-enterprise, to see how serious their data leakage exposure is and why they need to take actions now to mitigate the risks.”

More details of the survey are contained in an Ipswitch e-book, Are Employees Putting Your Company’s Data at Risk?  What resonate are the recommendations summarized below. 

“Companies are struggling to strike the right balance between productivity and security, particularly as more employees work remotely. Employees want simplicity and convenience, while IT managers require visibility, security and control. IT leaders and practitioners need to understand the benefits, risks, and consequences associated with the proliferation of personal file transfer and file sharing tools…IT managers need to make it easier for people in the organization to move information securely. What most companies don’t yet realize is that they no longer have to choose between the two extremes…Rather than fighting a losing battle, companies should revisit their security policies and gauge whether they are appropriate for what employees are trying to accomplish.”

At the end of the day, nothing can be made totally secure for two reasons:

Those with malicious intent will find a way to cause trouble if the incentives are high and the risks and also the costs of failure are low. It is why the bad guys are always probing for weaknesses to exploit. BYOD, particularly when it comes to file transfers, be they e-mail or using third-party services like Dropbox, make for easy targets. 

Security starts and ends with people, and people are fallible—we forget things, we make well-intentioned but poor choices, we opt for convenience and expediency without consideration of risks to our employers, etc. 

It is why that term “balance” is so critical in any discussion of enterprise security. The goal is to make the needs of users and IT mostly mutually inclusive while making it too hard, expensive or both for those with bad intentions to target and succeed in disrupting that which we highly value. 

This is why BYOD is seen as having forced the issue on getting IT and upper management to evaluate digital risk mitigation from a strategic as well as tactical perspective and why a holistic approach, which includes for lack of a better term “triaging” various assets based on the level of risk they carry, along with providing users education and easily embraceable polices and tools they can use to exponentially decrease risks are key.

The issue of file transfers is just one of the featured talks that will be given at TMC’s, “SecureIT 2013: Protecting Your Enterprise in a BYOD World,” event that will be held July 23, at the Kimmel Center of NYU in New York City. Keep your eyes open for more information about the program and speakers in the coming days. We look to see you there.




Edited by Brooke Neuman
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More