How to create a BYOD policy that keeps your business data secure

Bring your own device (BYOD) policies are commonplace in many organizations today. Employees bring in their personal cell phones, laptops, tablets and other mobile devices and use them to connect to corporate networks. Additionally, employees regularly use personal computers and other devices not owned by the organization to work at home or on the road.

Unfortunately, BYOD can be risky for organizations that do not implement adequate security controls. Personal devices that aren’t properly managed by the company often have inconsistent security controls implemented on them. For example, one device may lock after three minutes of inactivity and require a complex password, while another may not even require a password to log on. However, both devices may be used to access sensitive or critical business data. For organizations that lack strong and consistent security controls, BYOD can easily turn into a security nightmare. Here’s a quick list of steps you can take to create a BYOD policy that will protect your business data:

  1. Establish a policy that governs how BYOD devices can connect to and use organizational systems, how they should be backed up, and which security settings should be in place.
  2. Configure devices to connect to network resources over a transparent virtual private network.
  3. Gain greater control over mobile devices with a Mobile Device Management (MDM) solution. MDM solutions allow for more consistent security settings to be applied to devices. For example, applications can be whitelisted or blacklisted, BYOD devices can be geofenced, and jailbroken phones can be banned from connecting to networks or data stores.
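
The three steps above can be combined into a posture check that decides whether a personal device may reach company data. The following is an added example, not code from the original article or from any MDM product; the field names, thresholds, app identifiers and the deny/quarantine/allow split are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass(frozen=True)
class Policy:
    # Baseline values are assumptions for illustration, not from a real MDM product.
    max_idle_lock_seconds: int = 180   # the three-minute lock from the article's example
    max_backup_age_days: int = 7
    blocked_apps: frozenset = frozenset({"com.example.fakebattery"})  # constructed name

@dataclass
class Device:
    name: str
    idle_lock_seconds: Optional[int]   # None means the screen never locks
    complex_password: bool
    jailbroken: bool
    vpn_configured: bool
    backup_age_days: Optional[int]     # None means never backed up
    installed_apps: set = field(default_factory=set)

def violations(device: Device, policy: Policy) -> list:
    """Return every policy rule the device fails, in a stable order."""
    found = []
    if device.jailbroken:
        found.append("jailbroken")
    for app in sorted(device.installed_apps & policy.blocked_apps):
        found.append("blocked_app:" + app)
    if device.idle_lock_seconds is None or device.idle_lock_seconds > policy.max_idle_lock_seconds:
        found.append("idle_lock")
    if not device.complex_password:
        found.append("password")
    if not device.vpn_configured:
        found.append("vpn")
    if device.backup_age_days is None or device.backup_age_days > policy.max_backup_age_days:
        found.append("backup")
    return found

def access_decision(device: Device, policy: Policy) -> tuple:
    """deny: integrity failures; quarantine: fixable settings; allow: compliant."""
    found = violations(device, policy)
    if any(v == "jailbroken" or v.startswith("blocked_app:") for v in found):
        return "deny", found
    return ("quarantine", found) if found else ("allow", found)

# Constructed sample inventory
POLICY = Policy()
FLEET = [
    Device("managed-phone", 120, True, False, True, 1, {"com.example.mail"}),
    Device("no-password-tablet", None, False, False, True, 30),
    Device("rooted-phone", 60, True, True, True, 2, {"com.example.fakebattery"}),
]
DECISIONS = {d.name: access_decision(d, POLICY) for d in FLEET}
```

Returning the full list of failed rules, rather than a single pass/fail flag, lets the owner of a quarantined device see exactly which settings to fix before reconnecting.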

BYOD and the ransomware threat
A large percentage of BYOD devices are mobile phones or tablets that are susceptible to some forms of ransomware. Mobile ransomware viruses often masquerade as enticing applications such as POGO Tear, which pretends to be a Pokemon Go application; Android defender, a bogus antivirus app; Charger, a fake battery management app; Lockdroid, a counterfeit Google Android update package; and Lockscreen, a deceptive Android lock screen app. Some mobile devices have been found to have malware pre-installed on them. The owners of those devices did not need to download a fake app. They were infected the moment they powered up the new device.

The good news is that mobile data is often easy to restore if appropriate backups have been taken of the phone or tablet. The bad news is that an infection may not be limited to your device. Worms may propagate through mobile email clients to your contacts. Additionally, some malware may infect a mobile device and then be transmitted to a computer when the device is connected for charging or data exchange.

Protect yourself by keeping your mobile operating systems and apps up to date. Consider a mobile firewall and a mobile antivirus solution, and make sure you back up your device. Other BYOD devices such as laptops should be equipped with endpoint protection software and secure, up-to-date operating systems, and they should be backed up regularly.


Screen your calls in the cloud

I used to be agitated by the sound of the phone. My wife and I both have cell phones but we got a land line because there are some parts of the house where we have no reception and we occasionally misplace our phones. Shortly after we purchased it and before we could even give the number to friends, the calls started. Political calls, sales calls, and a plethora of other junk were funneled into our house. It was as if I had hooked up a sewer pipe directly to my kitchen and it was dumping garbage calls into my home, hence the agitation.

Most of the calls were automated; robots per se. Companies have found it is much cheaper to record a call and then automate the call and playback process rather than hire the work out to a call center. Internet-based phones like the one I have, called Voice over IP (VOIP) phones, make it even easier and cheaper for companies or individuals to implement these automated calls. Such calls have earned the name robocalls and are increasingly used for illegal sales calls and scams. These internet-based calls often originate from overseas but have domestic phone numbers, real or spoofed, which allows them to violate the FTC’s National Do Not Call Registry, so don’t count on this registry to save you from them.

I wanted to get rid of the phone altogether but my wife, wanting to always be connected with friends and family, had become somewhat attached to the security of a backup line. My first step was to get a phone that audibly announced the caller ID so that I could avoid getting up for more junk calls. I then did my best to ignore the incessant ringing once I heard the telltale caller ID of another vapid robotic exchange.

Last week, however, everything changed. I was preparing for a presentation on hacktivism and I was researching how to prevent fax spam when I came across a cloud-based service that claimed to stop robocalls. I instantly wanted to learn more. Not only did this company claim to have good success in preventing these calls but they were offering the service to consumers for free.

The service I am talking about is Nomorobo. It is pronounced like No More Robo and it came out of a robocall challenge issued by the FTC to develop a solution to the robocall problem. Nomorobo maintains a blacklist of bad calling numbers but robocallers routinely change their numbers and these are often spoofed, meaning that they are not the actual number that the calls originate from. For this reason, Nomorobo only keeps a number in the blacklist for a short time and relies more on the characteristics of the call in much the same way that spam messages are blocked.

Now, some robocalls are legitimate ones that I actually would want to receive. These include calls from my doctor reminding me of an appointment or from my pharmacy about a prescription to pick up. Nomorobo can identify legitimate robocalls and allow those through so you do not miss that appointment or forget that prescription or bring the kids to school on a school closing.

The service relies upon answer anywhere, a feature of many VOIP carriers that allows calls to be sent to two numbers simultaneously. After signing up for Nomorobo and giving it your phone number, you log into your VOIP carrier and configure answer anywhere to go to Nomorobo’s number. Calls are then routed to both numbers and Nomorobo will drop calls after the first ring if they are a robocall. Nomorobo is currently supported on Verizon FiOS, Comcast Xfinity, Time Warner Cable, and AT&T U-verse.

So, in the end, you still receive the calls but the line will only ring once if it is a robocall. In the last year, Nomorobo has blocked 15.1 million robocalls. For me, it is blocking three to five calls each day. I am so much happier with this service and my wife can keep the phone.