Deciphering Between Hacker Sent & Legitimate Emails

Solutions
NETRIO
Solutions

Managed IT services are essential for the modern organization. As your pace of digital transformation accelerates, your IT infrastructure will grow in both breadth and complexity. It takes a highly skilled team that has expertise in managing complex environments to provide the proactive support model necessary to stay ahead of the demands of the modern workplace.

EXPLORE SOLUTIONS
Managed IT Services

Cybersecurity

Network Operations Center (NOCaaS)

Connectivity

Hardware & Software Procurement

Voice Solutions
Are Managed Services a Good Fit For Your Organization?

We manage IT and technology assets to free up valuable internal resources to lead and deliver on strategic initiatives that advance business goals.

LEARN MORE
Partners
- White Label Partners
- Channel Partners
Why NETRIO?
Resources
- Blog
- Customer Resources
Contact
Book a Consultation
214-888-8500

By: Brian DeVault

Many employees are restricted to working remotely, and much of this requires using a telephone or cellular device to contact customers. In this week’s episode we put together a strategic plan to become accustomed to the telecommuting strategy.

View Video Transcript

Mike Cromwell

Welcome back to Whiteboard Wednesday. Mike Cromwell.

Brian DeVault

Brian DeVault.

Mike Cromwell

We’re your co host, and we’re now on to part three, I guess episode four, part three of the elements of a great Cybersecurity posture. So today we’re going to talk about mobile, which is symbiotic with end users, because so many people remote these days. But there’s also a lot more applications that are becoming extensions of the network over mobility solution.

Brian DeVault

So Brian, why dont you to walk us through what a great posture looks like on this front?

Brian DeVault

And a lot of demand for this recently, right? With the Covid and the work from home. And a lot of people are just getting more accustomed to the telecommuting strategy. So I find myself on my phone a lot these days doing basic office tasks like MS teams for messaging and email, even going as far as access company documents. So these are all very important. So I’ve got them broken down here into a couple of different categories. But one of them is you’ve got to enroll. So you got to have a product that helps you do mobile device management.

Brian DeVault

Some of those are built in Office 365 and other productivity suites. Some of them are stand alone, but you have to have a program or a platform, if you will, to manage mobile devices. That’s going to help you with the rest of these items. Right? So the other thing is enforce, right? Back here in your policies section, you’re going to have a mobile policy written as well. And so you need to use your mobile device management tool to enforce what your policy says. Right? So make sure the to align.

Brian DeVault

Right? So writing this one is only as good as the paper it’s on unless you enforce it here. Right? And then adjust accordingly. Watch your behavior. What your end users behavior. What you’re going to find is at first it may be a little bit too restrictive, and so you might loosen it up in some areas, or maybe vice versa. Right? You’re going to get feedback from your end users about, hey, my mobile device doesn’t allow me to do this. Or hey, by the way, I was able to access this I’m not normally able to. Right? So you need to make sure you get that right.

Brian DeVault

And restrict. Applications that are installed on it, restrict them to be signed by the App Store. Right. Don’t allow restrict the software that can be installed on those mobile devices. So make sure it’s only apps that are signed by the App Store. Make sure people are not downloading suspicious apps or apps that have malicious intent. Right. Like things like WiFi scanners and hacking tools and those types of things. A lot of times they’ll have embedded software and then that’s beaconing or doing something that you don’t want it to be doing.

Brian DeVault

And then authenticate your applications against your mobile device. Again, use that multi factor authentication require it from mobile platforms as well as from your desktop platform or your SAS environment so that you ensure that if somebody picks up a device or it’s lost or stolen, that you have the ability to prevent them from gaining access to it, even if they get the the code right for the welcome screen.

Mike Cromwell

And how does this look different when you’re talking company issued mobile device versus bring your own device and where somebody’s going to take their phone and add all the apps they need to do to do business, which seems to be an overwhelming majority of people today.

Brian DeVault

If you can’t restrict enough and still allow the end user to provide their own phone or their own mobile device, then the company needs to provide them one. Don’t sacrifice security because you’re giving into the needs of the person or the personal needs of the end user. Put the business needs up front, make sure you can achieve what you’re trying to achieve and let that drive the policy.

Mike Cromwell

So therefore you would take only certain applications and enable people to have access to those on mobility. That makes sense. That’s just good common practice, something that a lot of you probably see a lot of businesses that don’t necessarily do that.

Brian DeVault

But sometimes you see, like in a more restrictive environment, you might not allow your end users phones to join public or guest Wi Fi networks or Wi Fi networks that are unprotected password protected. That’s a good policy in general. Like you shouldn’t do that on your personal device. Why are you doing on a company device so you can be more restrictive or less restrictive based on the framework and do things like maybe don’t allow end users to download documents to their mobile device, but they might be able to view them.

Brian DeVault

That could be an example, right? Because anything any of your company data that resides outside of your corporate network or your cloud or your SAS environment represents risk.

Mike Cromwell

And what are best in practice tools that companies can use to manage mobility device.

Brian DeVault

So the two most common, you’re going to see our Office 365 and Google Workspaces, which are the two office productivity suite. Microsoft takes this a step further with inTune and some of their advanced products, but those are the two industry leaders.

Mike Cromwell

Well, there you have folks. Stay tuned next week where we’re gonna dig into compute. We got four more episodes left.

Mike Cromwell

If you have any questions, comments give them to us below. We welcome feedback and we’ll do special sessions based on what we hear from folks. And stay tuned. I appreciate you guys watching and look forward to talking to you next week.

Brian DeVault

See you next week.

Enroll

Mobile device management (MDM) software is used by businesses to optimize the functionality and security of their fleet of mobile devices, including smartphones and tablets. The intent of MDM is to optimize the functionality and security of mobile devices within the enterprise, while simultaneously protecting the corporate network. By applying custom policies to smartphones and tablets through MDM software, an administrator can regulate both corporate-owned and personally owned devices to the organization’s policies.

IT departments use MDM software to monitor, manage, and secure employees’ mobile devices that are deployed across multiple mobile service providers and operating systems, as well as enforce policies and maintain the desired level of IT control. MDM software can limit the risk of lost data, stop unapproved software installs, and prevent unauthorized access to the mobile devices accessing corporate data and networks. To qualify for inclusion in the Mobile Device Management category, a product must be compatible with all common or company-issued mobile devices, and support necessary operating systems and platforms.

Enforce

Keep your software up to date with effective patch management. When software updates are not enforced, you’re risking the stability of your IT environment. Experienced hackers are well-versed in system vulnerabilities, and unpatched software makes it easy for them to infiltrate your network.

Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message. Phishing emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store. Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may:

Restrict

One of the most significant benefits of MDM is the possibility to configure devices remotely. With different configuration and restriction possibilities, organizations can easily ensure data security and compliance, and provide employees with the tools they need. MDM makes it possible to install all necessary settings to devices and set restrictions for device usage.

Your company should restrict the software that can be installed on your mobile devices. Make sure it’s only apps that are signed by the App Store. Another thing is to make sure people are not downloading suspicious apps or apps that have malicious intent like things like WiFi scanners, hacking tools and those types of things. A lot of times they’ll have embedded software and that’s beaconing or doing something that you don’t want it to be doing.

Authenticate

Authenticate your applications against your mobile device. A great idea is to require multi factor authentication from mobile platforms as well as from your desktop platform or your SAS environment. This will ensure that if somebody picks up a device or it’s lost or stolen, that you have the ability to prevent them from gaining access to it, even if they get the code right for the welcome screen.

There’s no one-size-fits-all approach to authentication. When reviewing the authentication architecture of an app, you should first consider whether the authentication methods used are appropriate in the given context. Authentication can be based on one or more of the following:

Something the user knows (password, PIN, pattern, etc.)
Something the user has (SIM card, one-time password generator, or hardware token)
A biometric property of the user (fingerprint, retina, voice
The number of authentication procedures implemented by mobile apps depends on the sensitivity of the functions or accessed resources. Refer to industry best practices when reviewing authentication functions. Username/password authentication combined with a reasonable password policy is generally considered sufficient for apps that have a user login and aren’t very sensitive. This form of authentication is used by most social media apps.

This blog post is part of NETRIO’s weekly Whiteboard Wednesday series. Follow along on Linkedin and YouTube each week as Brian and Mike discuss use cases, new technology, and trends.

NETRIO
Solutions

Are Managed Services a Good Fit For Your Organization?

How To Create A Great Cybersecurity Posture: Mobile

By: Brian DeVault

Enroll

Enforce

Restrict

Authenticate

SOLUTIONS

COMPANY

KNOWLEDGEBASE

NETRIOSolutions

Are Managed Services a Good Fit For Your Organization?

How To Create A Great Cybersecurity Posture: Mobile

By: Brian DeVault

Enroll

Enforce

Restrict

Authenticate

SOLUTIONS

COMPANY

KNOWLEDGEBASE

NETRIO
Solutions