The week in security: BYOD popularity draws security warnings

A number of US network service providers came out arguing in favour of blacklisted Chinese vendor Huawei, which has come out offering "unrestricted access”to its software source code in an attempt to assuage security concerns that have led several governments, including Australia’s, to ban its gear from their networks.

Speaking of security concerns, Windows 8 has been adjudged to be even more secure than its predecessors, but that’s not a sign that malware isn’t soon going to start tightening the screws on the new platform.

Reports suggested the volume of mobile malware is continuing to grow, with Android alone copping 175,000 different malware variants. Mobile devices are already poorly secured overall, and increasingly nasty Android malware isn’t making things any easier.

Little wonder: cyber-criminals are apparently selling access to compromised business systems. The actual compromising is proving to be easier than it should, with weak passwords – including ‘password’ and ’ninja’ – still far too common.

Those sorts of figures aren’t going to do anything for the confidence of companies considering bring your own device (BYOD) policies. Indications are, for example, that investment firms are feeling bullish on BYOD, even though experts are warning about unfettered employee freedoms and analysts warn that IT departments need to work to keep up with BYOD’s growth. This involves better security practices, among other things.

Unsurprisingly, military and intelligence agencies are concerned about BYOD and cloud, although the DSD is looking to control its risks with an education campaign focusing on application whitelisting and 34 other pointers, encapsulated in a campaign called ‘Catch, Patch, Match’.

IT administrators in the US state of South Caroline should have been doing more catching, patching and matching, apparently: a major security breach exposed 3.6m confidential social security numbers and credit cards. This sort of breach led the director of the UK’s Cabinet Office to urge Internet users to give Web sites fake personal details to protect their identities.

BYOD isn’t the only technology drawing warnings: the US Federal Trade Commission, for example, has come out warning that companies should be careful about how much they do with facial-recognition technology. They should also be careful about providing encryption technology, apparently, after a UK council was fined £120,000 for failing to provide encryption software for its legal team.

Meanwhile, spammers have been abusing a US government URL shortener, and in a separate scheme drew on the name of Australian Crime Commission CEO John Lawler to try to swindle fraud victims.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

More videos

Blog Posts