As the digital transformation progresses onwards, the unfortunate side effects are becoming blatantly obvious in the news. It seems like every other day that some new big box company, political party, or individual has their information compromised. But even though only the few biggest companies get the real media attention, hundreds of millions of hacking attempts are happening every day. That's why we sat down with Sean Ginevan, Senior Director of Strategy at MobileIron to talk about how you can be assured that your future endeavors will be secure.
ADM: What do businesses need to do to ensure their vendors are secure?
Ginevan: If you're allowing vendors to interact with your enterprise systems or data, you should make sure that you're not providing broad based network access. Now is the time to ensure your network is properly segmented - your HVAC maintenance vendor that's connecting a smart air conditioning system should only be able to access that AC, not your broader set of enterprise systems. Where possible, use penetration tools that validate your organizations' minimum set of security criteria are met by your partners and manage the connected devices that vendors' may want to use on your network.
ADM: Attackers are becoming increasingly aware of corporate extortion. How do you expect this trend to continue, especially with IoT devices?
Ginevan: Hackers will always look for the weakest leak, not just in your organization but also with those you partner with as well. So that's why you should be ensuring that your enterprise devices are trusted, secured and managed, and any devices your partners bring are segmented to have only the access they absolutely require. And, where possible, manage and secure the devices your partners bring as well.
Sean Ginevan, Senior Director of
Strategy at MobileIron
ADM: Some say these leaked episodes could be a great time for malware authors to load malicious content under the guise of being a leaked episode - can you talk about the threat at an enterprise level?
Ginevan: Sites with pirated content have been notorious for harboring viruses and malware. So, organizations need to be on the lookout for users accessing sites and ensure that anti malware solution is monitoring for cases where the user has potentially downloaded a trojan episode.
ADM: What is the biggest thing companies should learn from this type of attack?
Ginevan: The Netflix hack, like the Target hack back in 2013, proved again that no matter how secure your own organization is, your partners can still leave you vulnerable. So set your own security criteria, make sure you're partners are meeting it, and protect your own network by limiting access when partners access your systems.