Tag Archives: BYOD

BYOD: when protecting the perimeter is not enough

It’s a well-known fact that millennials and generation Z are digital natives and are basically always connected to their gadgets.  This trend has consequences extending beyond the consumer market, with an effect on the corporate world as this young cohort enters the workforce.  One example is more people using their own laptops and mobile phones at the office and for work in general. The consultancy firm Markets & Markets estimates the Bring Your Own Device (BYOD) market will be worth $73.3 billion in 2021.

BYOD has several advantages for companies. IT managers note that employee productivity is on the rise and workers have more flexibility, resulting in better customer service. That said, it also presents various challenges for security that go beyond a company’s physical perimeter. What risks does BYOD entail? What is the best way of dealing with them?

The perimeter includes wherever an employee is located

Companies are exposed to a high number of threats coming from all sides, from dangerous web content to malware that can affect the entire corporate network. Attacks are increasing in frequency, resulting in more attention being paid to cybersecurity. That’s why the firm Cybersecurity Ventures estimates that the total spend on cybersecurity will hit one trillion dollars in the next five years.

However, many of these investments in cybersecurity only protect devices and servers on the corporate network. With BYOD, it’s clear that only protecting the physical perimeter is insufficient. The trend has resulted in personal mobile devices such as smartphones, tablets, and laptops, which are not under direct control of IT managers, being able to access the corporate network from anywhere. This means that the perimeter extends to anywhere employees are located, no matter how far they may be from the office. Thus, it is necessary that protection covers all devices.

The need for a BYOD policy

To prevent security risks and before applying solutions, it is essential for companies, regardless of their size, to establish a BYOD policy with a clear blueprint and adapt it to all platforms so that they are properly prepared. Accordingly, consultant Larry Alton recommends that a BYOD strategy include specific guidelines.  Once the criteria for program use are established, IT managers should allow employees to add their personal devices to the network.

However, it does not mean that IT has strict control over employees’ devices. The ideal situation is to strike a balance between keeping a company’s data secure and safeguarding the privacy of employees, who will of course continue using their devices for personal use. Thus excessively strict or invasive policies are counterproductive. Policies should be completely transparent to determine each party’s responsibility.

Monitoring solutions until the endpoint

Given the nature of the security risks of BYOD, organizations should implement solutions that apply a constant real-time monitoring of the corporate network and of all its access points. Generally, security solutions only address servers and work stations within the physical space of the company but, as we mentioned before, with BYOD, simply protecting the physical perimeter is not enough.  Therefore, protection should extend to all endpoints and devices.

One example of this type of solution is Panda Adaptive Defense, an endpoint detection and response service capable of accurately classifying any application and blocking advanced threats as well as zero-day and directed attacks that other more traditional solutions are incapable of detecting.

Although BYOD presents new security risks, the opportunities it offers companies and employees far outweigh these risks if the necessary precautions are taken. A prevention strategy based on appropriate policies and on real-time monitoring solutions for all devices is the best way to take advantage of BYOD’s full potential.

The post BYOD: when protecting the perimeter is not enough appeared first on Panda Security Mediacenter.

Read More

Do Millennials Suck When It Comes To Security?

Millennials (or Generation Y) are those who were born from the early 1980s to the early 2000s. A study now looked at the impact which generational attitudes have toward security issues and compared Millennials Generation X/Gen X (those born between 1965 and 1980) and the “baby boomers” (born between 1946 and 1964).

You would normally think that the Millennials know what they are doing when it comes to technology, considering that most of them grew up with it. But while it is a big plus when it comes to handling devices and navigating around the net, the sense of well-being also seems to be their Achilles heel and leads them to being more careless with privacy concerns and a few other security aspects. The study backs this up with some key findings:

  • “Millennials have the worst password reuse habits of all demographics: 85 percent admit to re-using credentials across sites and services.
  • Risky behavior can be found across demographics: 16 percent of millennials and 14 percent of Gen-Xers accept social media invites from strangers “most of the time.”
  • Millennials are most likely to find security workarounds: A combined 56 percent admit they would “very” or “moderately likely” evade restrictive workplace controls. “

On the other hand, the paper also shows that the other included generations show risky behavior as well (though not in the same areas: Baby Boomers for example may pose a rather big BYOD risk; 48% use personal devices to access work related content).

Nonetheless it would seem that Millennials are easy prey for hackers: Reusing passwords and being too trusting on social media (which may or may not lead you to fall victim to social engineering) can lead to unwelcome results.

The post Do Millennials Suck When It Comes To Security? appeared first on Avira Blog.

Read More

The big small business security challenge: mobile and BYOD

In this recorded webinar the security challenge that mobile devices and BYOD bring to the businesses, notably smaller businesses, is reviewed; then defensive strategies are presented.

The post The big small business security challenge: mobile and BYOD appeared first on We Live Security.

Read More

Secure your business this Small Business Week

Small businesses don’t typically make the headlines when it comes to cyber security. Fortunately for small businesses, those stories remain the domain of large enterprises. However, cyber security for small businesses has the attention of hackers, insurers and the government.

While large enterprises may be the ultimate treasure, small businesses often represent easier targets, and compromising enough small business can add up quickly.

A recent Business Journals article citing a National Small Business Association survey reported that half of small business report that they’ve been a victim of a cyber-attack and that the average amount of money stolen through those attacks rose to $19,948 by the end of 2014.

The tools that have become so critical to small business success also create multiple points of vulnerability. Laptops, tablets, and smartphones continue to proliferate and with BYOD becoming a reality, the ability to control and manage access to data and applications has become overwhelming for many small and medium sized businesses.

Clearly, a comprehensive security review is essential for all companies and in many cases a good starting point is evaluating and addressing the risk of attack through the range of devices connected to a company’s systems.

Whether your business has its own IT department or works with a Managed Service Provider, be sure to spend time during Small Business Week 2015 to address the following vulnerabilities:

Mobile devices:

The ability to easily authorize and de-authorize mobile devices for specific applications and data sources, even BYOD, is critical. Your mobile device management system should allow for complete reporting of all connected devices, who they belong to and what they can access. This not only saves time as new employees come on board, it allows instant removal of access when an employee leaves. In the event a device is lost or stolen, locking and/or wiping of the device can be managed quickly and effectively.

Identity and password management:

Employees simply have too many passwords to remember and resort to repeatedly using the same password or writing them down on post-it notes. To make matters worse, when passwords are forgotten, employees call support which reduces their efficiency and increases costs to a small business. Single sign on with multi factor authentication and easy integration with Office 365 is an essential security component and will help protect systems, reduce costs and improve employee efficiency.

Not all attacks simply take information

They may also delete or remove critical business data. It’s essential that a comprehensive backup and disaster recovery system is implemented to ensure that your operations can continue even in the event of a natural…or un-natural disaster.

Small business cyber security doesn’t require huge budgets or even a dedicated IT department. MSPs like those that work with AVG Business can help evaluate your systems and recommend a set of security measures that will help your company to operate effectively and efficiently, even in the face of uncertain attackers.

For more information on keeping your business secure check out our AVG Small Business Digital Policy Guide

Read More

From Nottingham to Barcelona in 17 Years

In my talk I spoke about how, 17 years ago, I started as a shop owner in Nottingham selling software and networking tools to small businesses. All those years later, I am General Manager of AVG Business and presenting at the world’s leading mobile show.

Of course, things have changed rapidly in this period, but one thing remains the same – my vision, which is the same as the AVG Business vision, namely to help businesspeople do what they do best – run their businesses.

Back in my Nottingham days, security meant four walls and a locked door. However, we all know that this has changed. Phenomena such as Bring Your Own Device and the so-called Consumerization of IT have changed everything.

Cloud apps and services made this happen. Businesspeople expect the connectivity and flexibility that the cloud delivers. In turn, cloud brings about security challenges. Staff handle business-critical and confidential data on an increasing number of devices, both company provided and their own.  My old-fashioned four walls and a locked door no longer applies. How can this connectivity and flexibility be controlled and secured?

I said on stage that Bring Your Own Device (BYOD) is no longer a debate – it’s a responsibility. We are now at the point where BYOD has become “YOD.” Thanks to cloud computing, staff no longer need to bring devices into an office in order to access business data. The workplace is now everywhere, we live in an age of business without walls. Telling staff not to use their own smartphone for work purposes is not an option. Digital natives demand it.

Cloud is here, but it has made control and security harder – business owners are demanding solutions from their IT partners and providers, and this is where we come in.

I was delighted to be joined on stage by Shreyas Sadalgi, SVP Business Development at Centrify, market leader in Single Sign On technology. Together we unveiled a simple, affordable way for small businesses to help keep company confidential data safe, private and within their control even when shared with employee-owned mobile devices (such as smartphones and tablets) and externally hosted cloud services.

We’re making it simple for businesses. Through Secure Sign On, a new employee can have access to any of their employer’s apps through any device. When an employee leaves, access is removed very quickly. This simple solution solves the YOD question and puts control and security back in the hands of the business, as quickly as physically taking a key and locking a door.

It’s amazing how far you can go in 17 years!

Read More

AVG Launches Secure Sign-On for Service Providers and Small Businesses

AMSTERDAM and SAN FRANCISCO – March 3, 2015 – AVG Technologies N.V. (NYSE: AVG), the online security company for 197 million active users, today announced the immediate availability of AVG Business Secure Sign-On (SSO). Underpinned by technology from identity management leader, Centrify, AVG Business SSO works to provide AVG partners and business owners with a simple way to control company data on employees’ mobile devices and cloud applications.

“AVG Business SSO allows AVG partners to offer much needed help to those small business customers who are struggling with the issues of bring your own device (BYOD) and password management,” said Lee Frankham, director of Simpology, an AVG Business partner in the UK. “Now, we can roll out services that give our customers simple, secure management of their users’ mobile device data and applications in a matter of a few clicks.”

“Mass ownership of personal mobile devices, the adoption of popular consumer cloud services like Skype and Dropbox for business purposes and the impact of the Internet of Things have been the catalysts for true ‘business without walls’,” said Mike Foreman, General Manager, AVG Business. “Business in a fully connected environment puts smaller firms at risk of data breaches. AVG Business SSO for the first time makes it simple for businesses without big budgets or in-house IT staff to keep company confidential data safe, private and within their control, even while it is shared with employee-owned mobile devices and externally hosted cloud services.”

Key features of AVG Business SSO are:

  • Centralized control of cloud and mobile apps/data for one-click authentication of end-user mobile devices – single secure sign-on with multi-factor authentication (MFA) for any device unifies identity and mobile device management to give simplified control of mobile data
  • Affordable identity policy, verification and mobile device management service – including via Active Directory
  • Efficient password management – eliminates risk from easy-to-remember, reused and/or improperly managed passwords, improves end user productivity by eliminating the need to remember multiple passwords and reduces volume of helpdesk calls resulting from forgotten passwords
  • Large range of business applications – support for more than 2,500 of the most popular Cloud-based business apps including Office 365, Salesforce, Webex, Facebook, LinkedIn and many more helping IT providers monetize mobile and cloud management services.



About Centrify

Centrify provides unified identity management across cloud, mobile and data center environments that delivers single sign-on (SSO) for users and a simplified identity infrastructure for IT. Centrify’s unified identity management software and cloud-based Identity-as-a-Service (IDaaS) solutions leverage an organization’s existing identity infrastructure to enable single sign-on, multi-factor authentication, privileged identity management, auditing for compliance and enterprise mobility management.  Centrify customers can typically reduce their total cost of identity management and compliance by more than 50 percent, while improving business agility and overall security.  Centrify is used by more than 5,000 customers worldwide, including nearly half of the Fortune 50 and more than 60 Federal agencies.  For more information, please visit http://www.centrify.com/.


About AVG Technologies

AVG is the online security company providing leading software and services to secure devices, data and people. Over 197 million active users, as of December 31, 2014, use AVG´s products and services. AVG’s Consumer portfolio includes internet security, performance optimization, and personal privacy and identity protection for mobile devices and desktops. The AVG Business portfolio – delivered by managed service providers, VARs and resellers – offers IT administration, control and reporting, integrated security, and mobile device management that simplify and protect businesses.

All trademarks are the property of their respective owners.



Media Contacts:


Holly Luka

Waggener Edstrom for AVG


+ 1 (415) 547 7054



Paul Shlackman

PR Manager, SMB & Channel


+44 (0)7792 121510


Note to Editors:

AVG Business sells and markets a comprehensive, integrated set of cloud security and remote monitoring and management (RMM) software applications that are  designed from the ground up to simplify the lives of IT providers, Managed Service Providers (MSPs) and their small-to-medium sized business customers.

The portfolio comprises AVG Business CloudCare, a cloud-based administration platform offering resellers a simple way to implement and manage services such as antivirus, content filtering, online backup and email security services for their customers; AVG Business Managed Workplace, an open eco-system Remote Monitoring & Management tool; and AVG Business Secure Sign-On, a cloud-based identity policy, verification and mobile device management service.

Supported by a worldwide network of more than 10,000 partners, AVG’s strong IT security heritage complements its proven strength as an RMM provider and partner to help smaller IT companies and MSPs transition and flourish as fully-fledged managed services businesses.

Read More

How BYOD is building business without walls

I’ve just googled “Bring Your Own Device” and “BYOD” and got more than 150 million results. It’s fair to say that this is a hot topic. The industry has long agreed – the BBC included Bring Your Own Device (BYOD) in its 2012 technology predictions (or at least one of its commentators did) and did so again for 2013.

In a relatively short period of time (Wikipedia claims the term was coined in 2009) BYOD has become a well-used business term – both at enterprise level and in the small- and medium-sized business (SMB) space where AVG Business operates. Many of us want to use our own device for work purposes, so businesses of all sizes need to allow their employees to do so. Consequently, it’s up to us and our partners to enable this by making the BYOD ecosystem secure.

I am old enough to remember when I had to crawl under a desk to plug an ethernet cable into the back of a PC tower. Security in those days meant four walls and a locked door.

Today users want the flexibility and speed that cloud apps bring, often on their own smartphone or tablet. As I said in my last blog, Dropbox, Gmail and Skype are very popular tools which help businesspeople do what businesspeople do best – run their businesses.  But how secure are they?

Our job at AVG Business, through our partners is to give our customers the right tools to do just that, to make technology simple and secure, and to enable them to have control over their business.

I am hugely looking forward to presenting at AVG Business’s Mobile Security Forum at Mobile World Congress next week – I will be talking about BYOD in the context of the SMB community and discussing how we’ll introduce control and flexibility so that businesspeople can concentrate on their core business.

Read More

Should businesses worry about wearables?

In the last few years, businesses have been tackling a new set of privacy and security issues thanks to the Bring Your Own Device (BYOD) trend where employees are increasingly using their personal devices for business use.

But what about the new device trend; wearables? How will wearable devices in the workplace affect a business? Will Wear Your Own Device (WOYD) be an issue?

Forrester, among other analysts, is predicting that 2015 will be the “year of the wearable.” IdTechEx predicts growth from $14 billion in 2014 to over $70 billion in 2024.  But the market is just ramping up, and experts are predicting it to be huge, and ubiquitous –while feeding into the larger Internet of Things.

Part of the enthusiasm being generated for wearables is attributed to the much-heralded release of the Apple Watch. And part of it is that these devices are becoming mainstream. This has been brought to the forefront by developments with Google Glass.

Google Glass

Image courtesy of Sensory Motor


Early issues surrounding Google Glass go to the very heart of the wearable debate: there are real concerns that the person talking to you and wearing the Glass could be recording everything.  Taken into the workplace, Glass could be used to look at valuable corporate information or record a private conference meeting. Not to mention the company workout room and locker room!

My husband Bob, who was an early Samsung X watch adopter, likes to amuse dinner guests with demos of how he can video them with his watch without them having a clue… While his and the first “smart watches” were clunky, increasingly they are being designed to be smaller, cooler, and…well, look like any other watch.

Google and Apple are just two examples of the first wave of wearable tech; there’s also the Moto 360, Samsung Gear, and start-up players like Pebble with plenty more in development.  In the next wave, experts envision devices being woven into clothing, placed in jewelry and bracelets, available as a skin patch, and other weird and wonderful ideas.

Image courtesy of Independent


Privacy issues aside, there’s security to consider as well. Wearables run on software and software can be vulnerable to attack.  In the case of Glass, you could foresee an attack that grants the hacker with a view of everything you’re seeing. Scary, right? For these and other reasons, some government agencies and other high-security-risk workplaces have banned Glass.

Of course, everyone can see if you’re wearing Google Glass.  But as wearable devices get harder to spot, privacy risks go up. So as an employer, manager, enterprise expert, or small business owner, what can you do to maintain security and safety? Banning WYOD all together doesn’t appear to be a sensible option, and as a matter of fact may put your business at a disadvantage.

So, it’s a good idea to start putting policies in place. If you develop a good BYOD policy you’ll be in good shape for WYOD.

Here are a few areas to consider in expanding your BYOD policy for WYOD:

  • The types and acceptable use of personal devices by employees — whether wearable or not
  • How these personal devices will be monitored while in the office
  • Stipulation for use of company-owned BYOD/WYOD devices outside the office
  • Enhanced/expanded social media policy to include BYOD/WYOD
  • Details on penalties for violating the device policy


For more help creating a device policy for your business, check out our Small Business Digital Policy eBook.


I certainly don’t want to be all gloom and doom about wearable devices. I believe they can do great things in the workplace.  For example, Boston’s Beth Israel Deaconess Medical Center has developed a custom retrieval system for Google Glass, which allows an ER doctor to look up specific information about patients by using Google Glass to scan a Quick response (QR) code on the wall of each room.

Salesforce this summer announced the Salesforce Wear Developer Kit, a set of resources designed to help developers build apps that integrate with Salesforce service for such wearable devices as smart watches, smart glasses, smart armbands and biometric authenticators. Clearly we’re at the cusp of a WYOD evolution (I hesitate to call it a revolution).

It’s only natural that wearables are bleeding into the workplace.
And like any new technology in the workplace, it’s all about preparing for it and using it in the right way.

Title image courtesy of edudemic

Read More