ContentWatch Security Blog

Thu

Feb 23, '12

These days, if you don't know what BYOD stands for, you've just never seen the acronym. Companies around the world are implementing this long-term, "cost reduction" plan. In essence, it's happening as your employees bring their own mobile devices to use at work. If you are not seeing the challenges, your IT guys do.

Fri

Mar 2, '12

At organizations around the world, the BYOD (bring your own "mobile" device) trend is here to stay. If you have to abide by a policy, you should know a few do's and don'ts that pertain to personal device use at work. Matt Scott from ComputerWeekly has come up with his own personal list. I like it!

Mon

Jan 25, '10

There is no question, pornography is a dangerous and debilitating scourge. It can destroy families and it degrades women (and men).

Thu

Mar 3, '11

We here at ContentWatch have been offering Net Nanny Mobile for over a year, and we are feverishly working on improving and expanding the way we protect mobile devices like smartphones and tablets. Net Nanny Mobile (and soon to be ContentProtect Pro Mobile, for businesses, schools, and enterprises) has always provided anti-virus and anti-malware functionality.

Wed

Feb 11, '09

Two hours. That’s how much time a fairly large chunk of American workers with access to the Internet fess up to spending surfing the web, each day. EACH DAY.

Wed

Jul 9, '14

CareerBuilder conducted a study that looked at the top 10 productivity killers in the workplace. Not surprisingly, technology is at the top of the productivity killers.

Wed

May 7, '14

With internet security becoming more of a concern for companies, it is important that your employees know how to protect themselves on social media. Scammers and hackers are getting better at stealing personal or company information without us even knowing. Here are four things your company can do to maintain privacy on your iPhones, iPod Touches or iPads:

Mon

Mar 3, '14

The Real Enemy in the Battle Against Phishing

If you are have been using the Internet for a while, you will remember the Anna Kournikova virus that tempted users with a message “to see hot pics of Anna Kournikova, click here.”
 
You also probably remember the Nigerian money scam where email recipients were offered to receive millions of dollars for providing a bank account into which funds could be deposited to save someone’s inheritance.
 
We laugh now at how incredibly obvious these scams seem, but at that younger stage in Internet history, most of us were more naive and trusting than we are now.
 
By 2003, the term “phishing” was widely accepted and used by most technologists to define the method of extracting personal or confidential data from unsuspecting users.
 
Fast forward to today. Users have become wiser, more pessimistic, and less prone to take the bait of a phishing scam, but scams have evolved to become much more elaborate, deceitful, and dangerous.
 
Today, phishing scams range from fake websites that appear to look like American Express or Visa to direct phone calls from your bank to verify account information. The data that these scams are phishing for has also evolved.
 
Modern phishing scams look for spreadsheets and documents on infected computers, or scan contacts and emails for personal identity data and credit card information. Phishing scams are also known to target corporate financials, source code, and even intellectual property (see http://blogs.wsj.com/cio/2013/02/22/why-engineers-fall-for-phishing-attacks).
 
Some technologies have been developed to help safeguard against phishing techniques such as site reputation services, identity monitoring and data loss prevention software. But the truth is, phishing is not really a technology issue but rather a “people" issue.
 
Legions of IT professionals and millions of dollars spent on high tech solutions will not stop users from providing personal data, installing apps, or clicking on a tempting link in hopes of obtaining riches and being entertained.
 
The best protection from phishing exploits is largely done by training and constantly enforcing a culture of common sense and caution.  
 
None of the following statements and suggestions are new or groundbreaking.  I suggest these concepts be included in personnel training, frequently reviewing them with and including them as part of a corporate Internet usage policy might help breed a culture of common sense and caution.
 
Don’t believe everything you read, hear, or see online. Actually, be slow to believe.
 

Wed

Nov 2, '11

It's really not a good idea, on so many fronts, to let employees "Bring Your Own Device" (BYOD) to work.  By this, I refer to employees buying and using their personal smart phone and/or tablet at work, in many cases, to do work.  Some of the inherent challenges include productivity loss, security risks, data loss, liability risks, and device management challenges.  

Sure, it saves money to let employees spend on the devices.  And, the need to be mobile is growing. Forrester Research predicts that as many as 60 percent of information workers will work in a location away from their office during a typical workweek. Mobility is key to the future.

Mandating that employees own specific company-approved devices won't get you very far in many cases. Phones are kind of like cars. Employees pick the device that represents their personality, fulfills their needs, and feels good to use. If an employee chooses their device, the IT group will struggle to keep the large number of disparate devices supported and up-to-date with the latest company policies and apps.

Also, IT guys are used to three to five year upgrade cycles with laptops and desktops. Most people upgrade their phone about every eighteen months. This constant flux will keep IT hopping.

What's more, mobile device users are accustomed to installing apps ad hoc, anytime.  The iTunes Store and the Android Market have programmed us to be on-demand driven. Employees will hope to do the same and IT will have to manage updates just like iTunes and the Market.

Malware protection and antivirus solutions exist, but they haven’t been widely used yet. If you allow employees to BYOD, that usage policy needs to change.

In addition, your organization will need to govern what types of data can be stored and used on an employee's mobile device. Consider how easy it is to lose your customer list or your patient's health history.  What happens if the phone or tablet is lost or stolen?  Can you lock it down to avoid data loss?

BYOD is going to have to be managed in the very near term.  We are looking for and developing solutions to resolve the challenges mentioned here.