Recent announcements around free and open public Wi-Fi being rolled out in towns and cities across Australia is great news for consumers, but may expose businesses and their employees to data breaches if companies don’t protect against it, says Rajiv Shah, General Manager, Australia for BAE Systems Applied Intelligence. As it becomes more common for employees to BYOD (Bring Your Own Device) and for businesses to allow employees to use their own devices to connect to corporate networks, associated security risks to the enterprise are also increasing. Organisations that fail to protect themselves against these risks and secure their information may be putting company data into the hands of cyber criminals.
Dr Rajiv Shah, said: “When users access unencrypted networks, attackers can easily hijack the session and not only gather all sorts of sensitive information, including passwords, but also potentially inject malicious code to compromise the device.” “This makes everything on the device vulnerable – including any corporate data. If an employee then connects a compromised device to the corporate network this can be a backdoor route to let a determined criminal mount an even wider-ranging attack,” Dr Shah said.
BAE Systems Applied Intelligence suggests three steps for businesses to protect their corporate networks:
For example, an appropriately encrypted VPN service could be used on untrusted networks. This can be combined with a global, cloud-based security solution that can scan the content and source the destination address by using specialised detection methods which block security threats and unacceptable content. “Companies need to consider appropriate security measures to protect against cyber criminals accessing their information and networks through activities staff may think are seemingly harmless,” Dr Shah said.