NCSC: Revoke Admin Access for BYOD Users Immediately

NCSC: Revoke Admin Access for BYOD Users Immediately

Government security experts have urged organizations to review and re-plan any BYOD strategies implemented as a quick fix during the pandemic, warning of mounting cyber-risk.

360 Mobile Vision - North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

GCHQ-offshoot the National Cyber Security Centre (NCSC) has released updated guidance for organizations designed to help them design, deploy and manage what it claimed could be a “potentially difficult IT set-up.”

Senior platforms researcher, “Luna R,” warned in a new blog post that the time for a “just make it work” mentality is over, and BYOD must now be carefully considered and rigorously implemented to be effective and secure.

“You cannot do all your organization’s functions securely with just BYOD, no matter how well your solution may be configured,” she argued. “If you’ve given BYOD users admin access to company resources, revoke that access immediately, then come back.”

The rapid shift to remote working during the first months of the pandemic made employee use of personal devices virtually essential in many organizations, especially those with smaller IT budgets.

However, stories soon emerged of threat actors targeting vulnerabilities and misconfigurations in these devices and home networks to get to corporate networks and resources.

A Bitglass study from July 2020 revealed that 69% of organizations allow employees to use personal devices for work. However, it also noted that over half (51%) lack visibility into file-sharing apps, 30% have no control over mobile enterprise messaging tools and only 9% have cloud-based anti-malware solutions in place.

Remarkably, by November 2020, over half (51%) of organizations still didn’t have a BYOD policy in place.

An HP study from May 2021 revealed that over half (51%) of global IT decision-makers had seen evidence of compromised personal PCs being used to access company and customer data over the past year.

By admin