Cisco Blogs



How Secure is Your Mobile Worker?

How well do you know your mobile worker? Understanding the mobile worker’s perceptions and behaviors will offer a better view of the potential security implications your organization must manage. Cisco recently released a new global infographic and white paper, the Cisco Connected World International Mobile Security study. They explore the mobile worker’s viewpoints concerning working remotely, connecting to corporate, and their sense of security. Some of the findings are worth reflecting on to help you set the course for your mobile security efforts.

There is no question that the movement to mobile personal devices in the workforce has been well recognized. A recent response to this trend includes almost half of employers offering to fund workers to buy their own devices. Allowing the “choose your own” device alternative will attract and retain talent and reduce costs (see recent IBSG BYOD research), but what are the security implications?

There are a few striking data points to call out:

  • 63% of users download sensitive data on their devices. The frequency significantly increases in some countries which should alarm people doing business internationally if there are no precautions taken to secure the downloaded data. Imagine your financial data or product road maps being downloaded on an unprotected personal device.
  • Most believe remote access is a privilege. Yet in some countries they believe it’s a right as a worker. This establishes high expectations for IT to support and secure the devices including, but not limited to, extensive help desk calls.
  • Most users are diligent when a pop-up appears and will read through the details and determine what it really means. Yet many workers from select countries tend to be less careful and accept warning pop-ups without reading the details, which increases the risk that hidden malware will be downloaded. Hackers depend on this social mining effort.
  • 60% of users admit to engaging in risky behavior on a device (for example, personal or company-owned) while connected to corporate resources. This suggests that more security enforcement technology would benefit the prevention of data breaches and/or loss.

So, who really owns the mobile security issue? Mobile workers do not take full responsibility for a safe device with 84% believing that their IT will protect them from threats no matter what device is used. Sometimes IT’s perspective on this dependency is expressed with disbelief. An example of this issue was observed at BlackHat from a security professional during a demonstration we presented a couple weeks ago.

During the demonstration, we showed a user who inadvertently clicked on a phony URL sent in an email. That click triggered an alert, phoned to a hacker, that an “innocent” user was accessing the phony Internet site. The user unknowingly offered login credentials to their bank account. The hacker then began recording the user’s keystrokes to use later for malicious purposes. A security professional from BlackHat chimed in during the demonstration with the comment, “Dumb User.” The demonstration later showed how the combined effort of Cisco ISE and SIEM (Lancope) with unique TrustSec enforcement can identify and control the malicious activity with a single policy (for example, by segmenting and restricting users’ traffic close to the edge, on a network switch). The surprise to the security experts watching the demonstration was the concept that the network switch provided this enforcement.

Bottom Line: Most mobile workers have good intentions but do rely on IT to step in.

It would be great to hear from you on your impressions of these recent findings and whether you are a mobile worker or an IT professional.

Please refer to Cisco’s security response for the mobile workforce: Secure Access


The Highs and Lows of the Pump and Dump Scam

The Internet remains an environment where it is important to keep your wits. The recent indictment of nine individuals on stock fraud charges reminds us that the pump and dump scam continues to be perpetrated [1][2]. Stock spam emails were particularly prevalent during the mid-2000s, with these messages reportedly comprising 15% of all spam in 2006 [3]. These messages sought to artificially increase demand for infrequently traded stocks so that fraudsters could unload cheaply bought shares at a profit to unsuspecting investors.

Summary: Friend or Foe? When IoT Helps You Get Hacked by Your Security

Businesses of all types and sizes stand to benefit greatly from the Internet of Things (IoT), with a wealth of intelligence for planning, management, policy, and decision-making that will help them maximize productivity and efficiency while minimizing costs. However, if the IoT is not properly protected by integrating it with a solid network security solution, the consequences can be devastating.


Summary of Microsoft Security Bulletin for August 2013

That’s right folks, today is Patch Tuesday and Microsoft has published its monthly security bulletin for August 2013. The bulletins address a total of 23 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, and Microsoft Exchange. These vulnerabilities could allow an attacker to execute arbitrary code, cause a denial of service condition, or gain elevated privileges.

The bulk of the August updates correct several vulnerabilities in Internet Explorer. Although little technical information is available currently, it’s likely that attackers may develop future exploits based on the vulnerabilities.

Multiple updates correct vulnerabilities in Microsoft Windows. A few of the vulnerabilities involve improper processing of ICMP network packets and could allow for attacks that cause affected systems to stop responding to additional network traffic. Although service failures are a concern for production systems, an exploit would allow no system access.


DEFCON 21 Wrapup

My first DEFCON was DEFCON Three, held at the Tropicana Hotel in Las Vegas.  The computer security conference scene was much, much smaller back then, but DEFCON had already become THE security conference of the year. Since that time I’ve continued to regularly attend DEFCON, and over the years I have collected some very fond memories of summer computer security conventions past.  I remember vividly when the Cult of the Dead Cow celebrated their release of Back Orifice.  I recall battling the Las Vegas heat in the large, “air-conditioned” tents at the Alexis Park Hotel.  I remember when the NBC Dateline journalist was outed at DEFCON after planning to surreptitiously record attendees confessing to hacking crimes.  I remember seeing the authorities hauling away a fake Automated Teller Machine (ATM) that had been installed in the Riviera.  Fun times…
