Cybersecurity

How Secure are Your Board’s Devices?

Cyber-attacks on businesses in Australia are escalating, according to an April 2019 report by IT security firm Carbon Black. About 90 per cent of businesses surveyed have suffered beaches, the survey shows, and nearly the same number of Australian businesses say that threats to their networks are increasing both in number and in sophistication. Human error in document sharing accounts for a large percentage of these breaches.

Attacks on mobile phones in Australia have increased alarmingly, and logging into free wi-fi makes it easy for phone hackers to get inside your mobile, warns the Sydney-based cyber-crime expert Julian Plummer. “Hackers use a ‘wi-fi pineapple’ to mimic a public wi-fi access point, and logging on to these malicious wi-fi access points allows hackers to intercept any unencrypted personal data.”

Hackers can also reach business’s mobile phones via the public cell phone charging stations, often found at airports and train stations. USB ports can pass data through them and essentially infect your device, along with every other device that plugged into the port before you. At a busy airport where people are coming and going all day long, that’s a lot of risk. One way that this works is that a cybercriminal purposely leaves a phone charger behind. You come along and, rather than pull out your own charger, you just use the one that’s there. What you have no way of knowing is that there’s an extra chip inside the cord that deploys malware.

If sensitive documents have been shared to one of these phones, then the sensitive information is easy prey for hackers who can sell it to anyone they like.

Cyber attacks on businesses are up 205 per cent in the past year, according to Vodafone statistics. Wellington-based cyber security entrepreneur Kendra Ross warns that many New Zealand businesses were oblivious to threat of such theft of corporate documents, particularly through things like mobile phones, IoT and other smart devices. Document sharing is again the source of many breaches.

Bring your own device – but connect with care

Board members nearly all use their own devices to communicate with each other about their work. Yet a survey by Infonetics shows that 64 per cent of personal devices used at work have had sensitive corporate data stolen.  

In an Australian March 2019 survey by IDG Communications:

  • One in five organisations lacks visibility into basic, native mobile apps on personal devices;
  • Only 56 per cent of companies employ key functionality like remote wipe for removing sensitive data from endpoints;
  • 43 per cent of organisations don’t know if any BYOD or managed devices downloaded malware, indicating a significant lack of visibility;
  • 24 per cent of organisations don’t secure email on BYOD at all.

“These statistics indicate that companies aren’t entirely prepared to secure data properly in BYOD environments, although 51 per cent of respondents believe that the volume of threats targeting mobile devices is continuing to increase,” according to the survey.

About 30 per cent of Australian companies surveyed still do not allow BYOD due to security concerns, the survey shows. But it is highly probable that in the coming years companies will alter their practice in order to maintain a competitive stance in the market.

What’s more, these personal devices are used to exchange email or messaging; in fact, Over half of sensitive internal board communiques happen over personal email, writes Forrester Research in a recent report. Fifty-six percent of board members are using personal email (not business-regulated email) to communicate about board matters. This type of practice leaves boards vulnerable to potential cyberattacks, breaches, and inadvertent data leaks. While just over a third of boards rely on closed-loop secure communication channels, the rest are risking potential material loss by using unsecured communication methods.

Insecure document-sharing is a high priority for cyber security experts, as nearly half of firms in Australia and New Zealand make it a high priority. This is because web browsers are the most-used engines for document sharing, the Infonetics survey shows.

According to a recent study by the Ponemon Institute, the Ponemon Institute, organisations are not aware how pervasive the use of browser-based document-sharing applications has become. In this study, more than half (51 per cent) of respondents say their employees use at least one browser-based file sharing tool. However, more than one-third (34 per cent ) of respondents do not know the extent to which these applications are being used in the workplace.

Board directors deal with much more confidential and sensitive information than most other people – and the need for them to be able to share documents in complete security is critical. The best tool for board directors to work efficiently in a secure environment is to use a highly secure board management software system that was designed by an industry leader in Modern Governance.

Modern Governance Requires a Board Management Software Platform

Diligent designed a secure platform for board communication and collaboration. The software designers really listened to their board member customers and learned about the particular needs that boards have.

Diligent Corporation put together an entire suite of board management governance software solutions and made sure that they all fully integrate with each other and that there is no risk of one product spreading a virus to another. Everything with Diligent products resides in the cloud and is available online and offline, so companies don’t even need VPN.

A specific way that boards can protect themselves is by using the user permission feature to ensure that only the right people get access to sensitive information and that the rest remains confidential. If sensitive information somehow got taken, encryption adds a layer of protection. Diligent is aware that encryption needs to follow industry best practices and evolve to ensure that digital board tools have the strictest security measures possible.

 

Board Portal Buyer’s Guide

With the right Board Portal software, a board can improve corporate governance and efficiency while collaborating in a secure environment. With lots of board portal vendors to choose from, the whitepaper contains the most important questions to ask during your search, divided into five essential categories.

Featured Blog