Growing use of individual cloud storage services will begin to pose a larger risk to businesses
The use of Dropbox, OneDrive, Box, Google Drive as well as all of the other cloud storage services by individuals as a means to more easily access documents in multiple locations will pose a greater risk to personal as well as professional targets as company documents and data comingle with personal files in the cloud.
Troy Gill of AppRiver maintains that you should limit access to folders within your cloud network to only the individuals that need access to perform their job role. This will help prevent both accidental and purposeful data loss.
Another helpful practice is maintaining regular security training. This will help those who otherwise may inadvertently expose sensitive company data by keeping them on course with best practices. Additionally, carefully select which devices your organisation will permit employees to use when accessing the cloud, and what types of encryption you can use to keep the devices from connecting to unsafe networks.
The ever-growing increase in mobility could spell trouble for BYOD policies
Businesses that have very loose or even no BYOD policies may be in trouble as more and more people are migrating to smart devices where business and personal life and data are intertwined. This could create a sharp increase in lost or compromised data collected from these devices.
Before adopting BYOD, organisations should have clear policies in place. These policies should cover everything from encrypted passwords for an app or even the device itself, to whether or not the organisation will permit connecting to public Wi-Fi networks.
Mobile Payment Systems are working aggressively to make digital payments through services such as ApplePay, Google Wallet and CurrentC much more secure.
Vendors have been trying hard to change the way we make transactions with features such as Near Field Communication and virtual wallets in our mobile devices. Unfortunately, its early adoption has left a bit too much to be desired thanks to security issues and concerns. Look for these to be addressed immediately and a slow roll out to more retailers in coming years.
Thanks also to these early flaws and the attack on the CurrentC payment system through third parties which led to the leak of the email addresses of early adopters, we can expect mobile payment systems and its architectures as a highly likely target of attack.
Your organisation should carefully consider whether or not employees who use a smart phone for work, whether it is BYOD or not, should be allowed to have mobile payment system apps on their phones. Certainly another thing to consider is how/where corporate credit card information will be stored.
Of course, there is no ‘silver bullet’ when it comes to online threats. However, with a blended security approach that leverages current intelligence and technology from several sources, organisations can prevent malware from entering their network via email and Web.
The author of this blog is Troy Gill, manager of Security Research at AppRiver.
Comment on this article below or via Twitter: @ VanillaPlusMag OR @jcvplus