Page 9 - Cyber Warnings
P. 9
Out from Behind the Firewall and into the World
Remember when workplace cybersecurity was as easy as keeping everyone behind the same
firewall and enforcing strict access control methods and policies? Of course breaches
happened, but at least IT departments could maintain their control of most data.
Today, we live and work in an age of BYOD (bring your own device) where even employees
who spend most of their workday at the office still perform plenty of tasks on their personal
mobile devices.
On one hand, this makes employees more flexible and available to work from anywhere (a good
thing). On the other hand, instead of having to break through a firewall, all a hacker needs to do
is hack a PIN, password, or perhaps even a fingerprint on a single device. That old cliche about
a chain being only as strong as its weakest link starts to feel painfully true when a company
loses millions because one employee shared a password.
Better Unsafe than Inconvenienced?
If you’re a security professional you might be thinking, “Who doesn’t even put a password on his
phone?” The truth is, many people would rather risk a security breach than perform even one
security step, let alone several, because they are so intrusive.
While most of us are happy to type in a single password to access a device or service, each
additional step raises users’ frustration until they simply opt out, either by leaving the system
entirely or ignoring basic security protocols.
For example, many companies require that all files be kept on a central server, but Google Docs
is so easy to use that many documents are stored there even if that’s prohibited by company
policy. It’s the classic tradeoff between ease of use and data protection.
In a customer-service setting, this might mean that a potential customer becomes discouraged
and takes his or her business elsewhere. In a workplace, it may mean that an employee
foregoes simple security steps in the name of easy access, such as when workers don’t log out
of their computers whenever they walk away from their computers or skip security procedures
like authenticator codes or password recovery questions.
Facial Recognition Takes the Pressure Off
Some security solutions like firewalls are great because they require no effort from end users.
But with mobile taking people outside the protection of a firewall, businesses require a new
solution for security factors that don’t require onerous extra steps.
So what’s the solution to this seemingly intractable problem? To find the answer, we need look
no further than the most common criticism of modern tech users: “Your face is always stuck in a
phone!” Whether for work or play, we use our devices by looking right at them, and that means
9 Cyber Warnings E-Magazine – May 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide