14 DAY TRIAL // Earlier this week, we learned that UK Cabinet Office Minister Francis Maude installed his own Wi-Fi because he was fed up with the “clunky” IT systems of Parliament that prevented him from using his phone and iPad in his office.
While some might understand Mr. Maude’s frustration, experts warn that this decision is terrible from an IT security standpoint.
“If he really has ‘installed his own wifi’ as the story suggests, then that network segment will not be configured, managed or audited by security experts in the House of Commons, rendering them blind to the the risks it represents,” Trend Micro’s Rik Ferguson explained.
“It will almost certainly connect networks not designed to be connected, effectively punching a hole through numerous firewalls. It will allow access to those systems from unmanaged devices (phone and iPad) which reside outside of the corporate network and represents a massive security breach and a disaster waiting to happen.”
The practice is known as “shadow IT” and it’s highly problematic for IT security teams. Using devices that are not properly monitored, including USB sticks and wireless access points, can lead to a whole lot of trouble.
“In the new paradigm of consumerisation and cloud the problem is exacerbated. Webmail becomes a covert channel, unmanaged file-synchronisation services a back door and virtual servers in someone else’s cloud often end up holding the crown jewels of the organisation outside every process and oversight of the business owner,” noted Ferguson.
The risks posed by the bring-your-own device (BYOD) trend have often been highlighted by experts and many IT security solutions providers are rushing to roll out solutions to mitigate the threat.
However, as Ferguson highlights, the cloud, consumerisation and cyberattacks remain the biggest challenges that an organization faces today.