Almost one year ago to the day, the “most wonderful time of the year” became anything but for millions of Americans when news of the Target data breach broke. Not only did that attack force us all to think twice about how our digital information is managed, it forever changed the network security landscape and put IT administrators in a perpetual state of high alert.
This holiday season, having suffered through a full year of attack after attack, network administrators have battened down the hatches even further, living in constant fear that their organization could become the next target of hackers. The silver lining is that these attacks have forced IT departments to re-evaluate their internal security policies, and at least raise awareness of how crucial it is – if not actually put in place – the infrastructure necessary to protect their organizations.
But despite now having a better understanding of the landscape of cyberthreats and vulnerabilities, as well as having shored up their cyber defenses, IT departments must remain vigilant towards the potential cyberthreats lurking in the shadows this holiday season.
From the new technologies employees receive as gifts, to the vulnerabilities that could arise from employees accessing the corporate network remotely, there’s plenty for network administrators to be preoccupied by this time of year.
New Gifts, New Threats?
For a few holiday seasons now, mobile devices, Internet of Things trinkets and wearable technology have been at the top of consumer gift lists. They’re popular nearly to the point of ubiquity, which is actually bad news for the network administrators who have to account for employees connecting these new endpoints to the network, where they could create vulnerabilities.
Dark Reading offers the example of a hacker who is able to work around a company’s Wi-Fi defenses by breaking into a corporate conference room’s Bluetooth system, via an employee’s vulnerable Bluetooth-enabled device, in order to listen to privileged conversations about financial transactions.
Attackers are as agile as they are astute, and they constantly look to exploit vulnerabilities – especially the ones IT departments haven’t identified yet. New consumer technologies could be just the point of entry hackers need to launch a new volley of attacks.
The Risk of Remote
Another network security concern over the holidays is the number of employees working remotely. More than half of Americans actually plan to work remotely over the upcoming holiday break, with about half of those expecting to spend at least two hours on the clock each day. And who wouldn’t prefer to work beside a fireplace during the holidays, instead of in front of their office computer?
Yet, all this convenience could come at a cost to IT departments – if employees don’t follow established remote access and Bring-Your-Own-Device (BYOD) protocol, they could inadvertently create vulnerabilities that aren’t present when they work on-site, under the umbrella of the immediate corporate network and under the watchful eye of the IT department.
Preventing Holiday Exploits
The lesson for network administrators this holiday season is clear – the remote access and BYOD policies that may have adequately protected their networks in the past may not be sufficient in today’s world. There have never been more devices, and more types of devices, connected to enterprise networks – and with each new endpoint will come new risk.
To offset these hazards, IT departments may need to reevaluate their BYOD policies. This includes frequently updating protocol, and making sure employees are educated as to how they can play a role in limiting network vulnerabilities.
And in the event that a remote access or BYOD policy comes up short, network administrators need to have in place an overarching defense-in-depth strategy, of which BYOD is just one component. When network administrators build redundancy into their defense plans, through interlocking solutions like VPNs and firewalls, even if attackers are able to breach one element, they’ll be cut off before they can advance further.
And if these defense mechanisms are successful, network administrators will have given themselves the best holiday gift they could ask for – peace of mind.
Want to learn more about remote access VPN?
In Remote Access VPN For Dummies, we cover:
– The full VPN landscape, including hybrid IPsec/SSL VPN solutions
– The evolution of remote access VPN
– How to provide users with secure remote access
– How to simplify remote access VPN and reduce costs