Do You Trust Endpoints That Go Shopping?

By

We are midway through the shopping season this year and already online retail shopping is having record sales. According to Adobe, final numbers indicate that Black Friday surpassed estimates, with $3.34 billion – 21.6 percent growth, year-over-year. Mobile accounted for $1.2 billion, a 33 percent increase from the year before.

Gartner predicts that 70 percent of mobile employees will use their personal smart devices to conduct work by 2018.

These are two seemingly disparate trends but what do they mean for organizations and their cyber security posture?

In another blog, my colleague Scott Grebe explored the security risks that arise when employees are shopping online at work within the corporate network. In this blog, we’ll explore the security risks that arise when employees shop online outside the corporate network.

Organizations are increasingly embracing BYOD for its obvious advantages, but this gives rise to a key gap in the security posture: How do you secure smartphones, tablets and laptops when they leave the confines of your corporate cyber security infrastructure? CSOs must make sure that the right security solutions and policies are implemented to close this gap.

Recent high profile data breaches have put cyber security under the spotlight and organizations have invested in best-of-breed solutions and deployed their defense-in-depth strategy to mitigate today’s advanced threats. Solutions such as next-generation firewall, Intrusion Prevention Systems (IPS), sandboxing and email security are in place to protect against zero-day malware and ransomware, thus making it significantly difficult for the majority of hackers to penetrate. No points for guessing where these threat actors will target next – smartphones, tablets, laptops or even home computers that employees use for remote work. According to McAfee Labs 2016 Threats Predictions report: If attackers really want to get at your data, but find themselves blocked at every attempt against the corporate data center, then the relatively insecure home systems of the employees become the next logical target.”

Employees are spending more time shopping online using a work-supplied or personal device. The next time an employee connects to a public Wi-Fi network to do a price check on a deal, or just uses his/her relatively insecure home network to shop, it could expose the organization’s network. Just last week, it was revealed that 1 million Google accounts were compromised by Android malware. Hundreds of counterfeit retail apps were discovered in Apple’s App Store. A seemingly innocuous app or even a rogue SMS text would suffice to comprise the device and, just like the trojan horse, the device would be given entry into the corporate network.

It is difficult to control the shopping mania that infects everyone around this time of the year, but organizations can leverage the security solutions that are already deployed to better protect the endpoints even when they are remote. SonicWall’s Secure Mobile Access (SMA) solution provides access security to complement your network security, by delivering secure access to users from anywhere and from any device. With SMA, organizations can protect their corporate network every time employees go online by following certain best practices:

  • For trusted laptops and desktops, use the redirect-all mode on the SSL-VPN solution to drive all traffic through the corporate security infrastructure.
  • For untrusted BYO devices, educate employees to use features such as browser-based clientless access to remote desktops for secure browsing.
  • For mobile devices, configure policies to allow access only to whitelisted apps.

Further, when these endpoint re-enter the corporate network, SMA interrogates the device and performs health checks to permit access or to quarantine for remediation. By implementing these best practices, organizations can leverage their corporate infrastructure such as next-gen firewall with SonicWall Capture sandboxing technology, bringing security anywhere employees’ devices go. Ready or not, mobile workers and BYOD are here to stay.

To learn more on how SMA can protect the corporate networks from “trusted” and “untrusted” endpoints, download and read our executive brief.

SonicWall Staff