NCSC: Revoke Admin Access for BYOD Users Immediately
Government security experts have urged organizations to review and re-plan any BYOD strategies implemented as a quick fix during the pandemic, warning of mounting cyber-risk.
GCHQ-offshoot the National Cyber Security Centre (NCSC) has released updated guidance for organizations designed to help them design, deploy and manage what it claimed could be a “potentially difficult IT set-up.”
Senior platforms researcher, “Luna R,” warned in a new blog post that the time for a “just make it work” mentality is over, and BYOD must now be carefully considered and rigorously implemented to be effective and secure.
“You cannot do all your organization’s functions securely with just BYOD, no matter how well your solution may be configured,” she argued. “If you’ve given BYOD users admin access to company resources, revoke that access immediately, then come back.”
The rapid shift to remote working during the first months of the pandemic made employee use of personal devices virtually essential in many organizations, especially those with smaller IT budgets.
However, stories soon emerged of threat actors targeting vulnerabilities and misconfigurations in these devices and home networks to get to corporate networks and resources.
A Bitglass study from