Top Security Predictions for 2011
Why bother banging your head against the wall trying to figure out how to blast through a locked steel door if the window is open? That about sums up the mentality of malware developers and attackers when it comes to breaking into PCs.
Palo Alto Networks explains, "Hackers will prefer to break-in through the back door or side window instead of a full frontal attack on the front door of Facebook and other social media sites."
That is true for PCs and mobile devices as well. IT admins will still have to monitor and protect the primary platforms--be it Windows, Facebook, an Android smartphone, etc.--but will also have to scramble to ensure that the various networks and applications those platforms are connected to don't leave a window open for attackers.
Aside from the threat posed by insecure network partners and poorly-coded third-party applications, the general trend from users sitting at fixed locations safely tucked inside an office building inside of the "network perimeter" poses an increased risk.
Laptops--whether notebooks or netbooks--are becoming the norm and replacing desktops as the standard issue hardware in many organizations. Combined with the explosion of smartphones and tablets, users are now connecting to e-mail, files, and other network resources from virtually anywhere.
While setting up office from a neighborhood coffee shop or hotel lobby while on the go is obviously convenient, it is a security nightmare. Public wireless networks are prone to snooping, and just accessing sensitive information in a public area can unwittingly expose it.
IT admins can guard against those threats by requiring a secure VPN connection to connect with company resources, and by implementing policies preventing users from conducting work in public areas. However, dealing with the sensitive data stored on the mobile devices is a more difficult issue.
The same small size and portability that makes mobile computing devices like netbooks, tablets, and smartphones so convenient also makes them easily lost or stolen. These devices commonly have gigabytes upon gigabytes of storage capacity, and may hold sensitive data. Attackers know this, and mobile devices will be a common target for theft--both casual theft for the value of the device itself, as well as more targeted attacks aimed at mobile devices of executive managers or key personnel.
There you have it. What are your predictions for 2011? Feel free to share your thoughts on what 2011 holds in store for security in the comments. Let's meet back here in December of 2011 and see how accurate our predictions were.