Fringe defence: identifying devices and protecting your business from cyber attacks

With the rise of the Internet of Things, businesses are now exposed more than ever before to the threats of cyber attacks and online fraud.  How can you ensure you minimise the risks posed by unsolicited fringe devices and keep your company protected? Jason Fry, a cybersecurity specialist and Managing Director at PAV i.t. services, investigates.

  • 7 years ago Posted in
When it comes to IT equipment, fringe devices aren’t always the first things on the radar when it comes to potential security breaches.  However, the hazards they pose lie in both company policy and the potential for unsolicited devices to connect to your online network.   
Fringe devices can range from employees’ mobile devices to memory sticks and tablets to printers.  But no matter what they are used for, all fringe devices are susceptible to security breaches and identifying them is key when it comes to maintaining robust defences.
Identifying the risks
A combination of automatic discovery and a manual survey should help you to pinpoint all your fringe devices. Those already connected to the network can be picked up by most security software, which can perform some degree of automatic scanning to flag them. This should not be relied on for picking up all devices however, as some may have firewalls that would stop such software from communicating with them.
In order to ensure that you pin down all devices, cross reference the results of a scan with a manual survey and the automatic discovery results.  Wired products are easier to identify as you can trace the cables back to where they physically connect to.
Building your defences
A double defence of technology and policy is needed to ensure your devices are protected.  In terms of technology, multiple levels of security hardware and software should be used to close any gaps and make sure there are no single points of failure. Strict processes as to what fringe devices are used for, and have access to, should be adopted and will help to bolster your defences.
Isolating fringe devices onto their own network can provide an easy-to-manage configuration.  By doing this you can control the devices’ access to corporate resources and a separate network also ensures they do not interfere with, or infect, core resources if they are compromised.  Lock down workstations, network ports and other entry points into the network will also ensure the risk of attack or infection is minimised.
Ultimately, keeping your security policies up to date, carrying out regular testing and governing the usage of devices are key to maintaining your protection systems.
Prevention is better than cure
Protecting your company from untrusted and unmanaged fringe devices starts with policy – one that is robust, regularly updated and adhered to.  Each device should have its own strict user policy, particularly employee-owned devices as these are completely uncontrolled by the business.  A clear protocol for updating is key and should be put in place to ensure devices have the latest software and firmware protecting them against possible exploitation and attack.
Always ask yourself if a device needs access to the network.  If the answer is “no” then they should not be allowed to connect to it.  In the case of those that are, identify and define what they are needed for and document this – that way the correct programmes and tools can be used to defend the network, while ensuring users have the flexibility and access they need for the business to function.
By Barry O'Donnelll, Chief Operating Officer at TSG.
By Dr. Sven Krasser, Senior Vice President and Chief Scientist, CrowdStrike.
By Gareth Beanland, Infinidat.
By Nick Heudecker, Senior Director at Cribl.
By Stuart Green, Cloud Security Architect at Check Point Software Technologies.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Damien Brophy, Vice President EMEA at ThoughtSpot.