I remember quite distinctly being asked a few years ago to “defend the BlackBerry.” While the devices are really quite good, the task is harder than it sounds in the era of iPhones and Androids. After grasping for an answer I finally stumbled upon “it’s professional! Do you ever see a businessman in the movies carry an iPhone?” While that may not have been the case a few years ago, today it is completely standard – and professional – to have whatever phone you’d like. BlackBerries are falling out of favor at faster rates than ever – according to The Guardian, BlackBerry users have fallen from 80 million to 50 million and the number is still dropping.
BlackBerry did hold a position of some importance in business technology for a long time, and it relied heavily on its reputation as secure, controlled, and uniform. The company even wrote on its blog about the challenges of cybersecurity in the enterprise and why a BlackBerry device is a good choice for cybersecurity. Their answer was really very simple: BlackBerries are easily controlled by IT, and if your employees can’t make choices about technology, then they can’t make bad choices about technology.
Neither this post nor this webinar will be about BlackBerries in particular, but about much larger issues – the reality of BYOD (Bring Your Own Device) in financial institutions, the problem of cybersecurity in financial institutions, and the fact that one is contributing to the other.
BYOD Is The New BlackBerry
While many people think of financial cybercrime as being the work of foreign criminals on a computer, those criminals are often aided by an unexpected (and unwitting) ally in your office – any one of the many employees walking around with a personal device that happens to be connected to your network, email server, or other sensitive information. More employees than ever are walking around with these kinds of devices. BYOD (Bring Your Own Device) isn’t going anywhere – IDC predicts that by 2016 there will be 480 million smartphone sold, 65% of which will be heading into a BYOD environment. According to a recent Cisco study, 69% of decisions makers in the US feel that BYOD is a good thing for their organization.
Unfortunately, we haven’t shifted our mentality to reflect these changes. Though according to SecureEdge a whopping 80% of all BYOD is completely unmanaged, the security thought process is the same – lock everything down. A SANS Institute Research Survey found that “more than 50% of organizations rely on their users to protect personally owned devices.” Well what could be done? It’s actually not as complicated (or costly) as one may think.
Our September 1 webinar on Wireless devices discussed the various ways that organizations are trying to lock down their security with hardened outer defenses while ignoring internal threats. While these statistics are disheartening, they are also for industry in general. The outlook in the financial industry is not quite as bleak – with security budgets for the financial industry topping $9.5 billion in 2015, one would hope so. But what does it look like on the ground?
We will continue this exact conversation with Security Weekly crew on Wednesday, September 30 to hear a panel of experts discuss what it’s actually like to implement a secure, effective BYOD policy.
REGISTER HERE for the webinar