The entire world is working remotely, opening up office networks to personal wireless devices. However, a survey by Outpost24 indicates that this is worsening an already bad situation regarding the management of wireless devices.
More than half of over 200 security professionals at the 2020 RSA conference were not aware of the number of wireless devices connected to their network, with almost two thirds (69 percent) not performing weekly security checks for malicious infections or known vulnerabilities, said the survey.
The RSA conference was held from 24 to 28 February, 2020. A third of the global population went under the Covid-19 (Coronavirus) lockdown within the next four weeks.
More than 70 percent of the respondents said their organisations need to do more to monitor and protect against rogue devices or access points, with 57 percent conceding that the devices purchased by their organisations are not cleared by security personnel. Only a third (33 percent) were confident that they could prevent a wireless/Wi-Fi attack.
“Devices such as smartphones, tablets, smartwatches, wireless keyboard/headsets, printers etc. could be connected to the network of a business/company without being monitored or authorised. Vulnerabilities in such devices could be used as a potential ‘wireless bridge’ to create a doorway into the wired network, and Bluetooth flaws such as BlueBorne could also be exploited to steal data or install malware,” Bob Egner, head of products at Outpost24, told SC Media UK.
“Whether using the latest wireless headphones, or transferring files to colleagues, Bluetooth has now established itself as standard technology, built within nearly every device or computer system on the market. However, like any piece of tech, convenience exposes vulnerabilities and security risks, causing endless headaches for the modern security professional,” Egner said.
The first step to counter Bluetooth threat is to mandate security authentication to initiate any Bluebooth pairing, shows the survey. It’s important to have the tools and process in place to continually monitor the devices on the network, so that any unusual device behaviours are spotted and checked in real time, Egner explained. Automated monitoring is mandatory when it comes to managing personal devices accessing organisational networks, he added.
“It’s important to implement and integrate the necessary assessment tools to automate discovery and monitoring of wireless threats as part of the vulnerability management process. Many organisations we work with have delegated this problem to network engineers instead of treating it as the security problem which it is,” Egner pointed out.
Aggravating the issue is the use of legacy devices. Over a billion Android devices that use version 6.0 or the earlier ones remain vulnerable to hackers and malware as they do not receive security updates anymore. Moreover, 20 percent the survey respondents have never checked their wireless devices for malicious infections or known vulnerabilities, while 12 percent respondents have not done so in over a year.
“The problem lies in the lack of visibility for device sprawl. If companies are not actively identifying and monitoring rogue devices or access points, they don’t have a good picture of the device footprint in order to assess them for malicious infections or known vulnerabilities,” noted Egner.
There are many organisations that don’t have VPN access set up or enough laptops, mobile devices or processes to enable home working. While IT teams try to quickly sort this situation out, employees often find workarounds such as sharing files using FTP sites or sending data to personal devices to work on, said Egress CEO Tony Pepper.
The risk of human errors worsen when personal mobile devices are used for work, Pepper added.
“For example, with people working on smaller screens and via mobile devices, it’s more likely they might attach the wrong document to an email or include a wrong recipient. Contextual machine learning can spot when incidents like this are about to happen and correct the user’s behaviour to prevent a breach before it happens.”
The key is to start with security executives and the management gaining visibility of their wireless airspace, followed by continuous assessment of those devices to ensure they don’t turn into a threat, said Egner.