It’s that time of year again. Employees have gone away from the office to spend time with friends and family. They will, of course, return shortly in the new year, many of whom will have new devices that they will want to join the corporate network to stay connected. Many of these devices include smartphones, televisions, watches, phones, tablets, etc. The technology provides an exceptional level of convenience for the user, but it means that more information is being shared with third-parties, and new threat surfaces are being created as more devices are added. With these new devices, the security of the information they collect (and in fact the security of the devices) is not perfect. So, what can you do to make sure you secure your devices, data, and network? Let’s take a look!
Monitor network traffic for anomalous behavior
If you are going to allow new devices on your network, you need to monitor the traffic that these devices are generating. While ACLs are an important step in a multi-layered approach to network security, you must have a way to detect and alert on breaches to these policies. When the new device starts to communicate to the finance servers or attempts to access your mail system, a red flag should immediately be raised because, after all, these devices are purpose-built and have no viable reason to communicate with these servers or applications. This is the first step in being sure you are sufficiently protecting your network when new devices are coming online after the holiday break.
Create employee guidelines for new devices
Many organizations already have rules and guidelines for employees that want to connect to the corporate network for internet access. If you don’t have any formal rules in place, it is a good practice to inform employees of what they can expect when connecting to the network. Specifically, having guidelines that inform employees that network traffic is monitored on the corporate network is a good place to start. Additionally, requiring employees to connect devices on guest or isolated networks is a great way to have these devices deployed in a least-privilege fashion, i.e., with limited access to network resources. After all, if you allow your employees to bring in smart TVs (consider yourself lucky if you are among the few that can do this), they probably don’t need access to every corporate resource available. It’s likely that they just need internet access. Smartphones, tablets, and other devices used for personal use are also likely to only need basic internet access. Let’s limit what these devices can access so as to not put the corporate network at risk.
Finally, when setting up these guidelines, educating employees of best practices like proper password creation and keeping devices up-to-date are an even more important part of keeping your network secure. Employees are often the weakest link to security, and this is most often because employees don’t understand best practices to avoid compromise.
With proper education and network traffic analytics, new devices being added to the network will provide convenience and a morale boost for your employees while making sure your network is secure. Download Scrutinizer today to start using network traffic analytics today.