This is a summary of a byline that first appeared in SecurityWeek on November 15, 2018.
Nearly 9 in 10 companies now rely on the personal devices of their employees to access critical business apps. Unfortunately, during the third quarter of 2018 over a quarter of organizations also experienced malware attacks originating from those devices. Even worse, Android-based threats now represent 14% of all the cyberthreats that organizations have to contend with.
So it is no surprise that during the holiday season—when users spend a significant amount of time shopping and conducting financial transactions—that their devices are more likely to be targeted by cybercriminals than ever.
In addition to direct attacks, the number of compromised web sites, charity scams, email phishing campaigns, malicious access points, and even fake shopping sites will grow exponentially. SecurityWeek, November 15 2018
Of course, this phenomenon is not limited to the holidays. Our FortiGuard Labs team detects the same sort of spike in criminal cyber activity during other major events, such as the World Cup or the Olympics, or during major political events such as elections or conflicts.
Of course, when these personal devices get compromised, they also represent an increased risk to your organization. Preparing your organization requires you to do three things: secure endpoint devices through the deployment of endpoint security clients, implement secure network access, and provide heightened sensitivity to your employee through some sort of training and awareness initiative.
Here are a few of the things you should include in any awareness program:
· Using caution when connecting to public Wi-Fi
· Only downloading legitimate apps from legitimate sites
· Thinking twice before shopping at unfamiliar online sites
· Examining the URL address of a link before you click on it
· Using your browser’s search engine to verify that sites being visited are legitimate
More than ever, it is essential that you develop a comprehensive and effective security strategy for the endpoint devices connected to your network—especially those personal devices owned by employees that blend their personal and work lives together. BYOD strategies need to include the deployment of a security client, an effective network access control solution, and regular awareness training, especially during times of heightened security risk such as the holidays.
For more details on how to protect your BYOD strategy during the holidays, read the full article entitled, “'Tis the Season for Mobile Threats” by Fortinet’s John Maddison in SecurityWeek.