A combination of irresponsible user behavior and weaknesses in the protection of networks could create more risks for data breaches during the holiday period than at any other time, according to BalaBit.
70% still expect to use the downtime to connect to the network or check in on emails, with 39% logging on to access emails several times a day. However, whilst the majority of respondents, 72%, have used their own, a friend’s, colleague’s, or a public device to connect to the network during their holiday, 38% of users have not been asked for extra levels of authentication when connecting to the company network from a device that has not been registered.
Some executives sidestep basic security measures during their time off. One in seven respondents (14%) have shared personal access details – their user name or password – with a colleague. Going against best practice on password protection, the same number of respondents have shared their password on the phone so that a colleague so could complete an urgent task on their behalf.
Around a third of all respondents surveyed, 35%, also admitted that they have not changed their password immediately after they have given it to someone else. Personal relations appear to play a role in this with a fifth of respondents admitting they had done this, as they trusted that person.
Whilst BYOD can help employees to do their job even if they’re not in the office, which can make business processes more effective, IT Security teams should support them to do this in a secure way:
- Establish IT policies to prevent users from sharing account usernames and passwords. Even if a password is changed immediately after it has been shared with any colleague, the security of the corporate network may already have been compromised.
- In situations where a task needs to be done on behalf of a privileged user during the holiday, be prepared in advance. Give temporary access with the appropriate credentials to a colleague who is the ‘substitute’ or use a digital credential store within your network. This solution offers a secure way to store user credentials (for example, passwords, private keys, certificates) to login to the target server, without the user having access to the credentials, even if the credentials belong to shared accounts (e.g. root).
- Ensure that your policies support them to do their job on a secure way, as the time and resources spent on preventing security incidents is far less than that spent on mitigating the risk of business and reputation damages.
- Enforce a secure access (VPN, SSL or bastion mode), and an authentication when users access the company network from a device that is not registered.
- Monitor users’ activities in real time and set alerts (or block the session) in case of detecting suspicious activity in the network. Rather than adding countless control layers, a monitoring-based approach can help to prevent data breaches by identifying unusual user activity.