How are you Managing Transient and Other Portable Devices?

While properly securing devices like laptops and USBs that are not perpetually connected to the network is not a new problem, that endeavor became exponentially more complicated in light of the current pandemic. Prior to the pandemic, some organizations were able to greatly restrict transient devices in their environment; now, not so much. This means that controls, policies, and procedures for securing these ephemeral devices can no longer be deferred. Critical infrastructure security firm Applied Risk shares its view on some of the challenges OT environments face in securing transient assets and other portable media. It probably comes as no surprise that an accurate and up-to-date asset inventory tops the list. However, Applied Risk offers a reminder on the importance of identifying and managing other physical ports of entry such as plug-ins, remote workers, scheduled vendor visits, portable electronic devices, and the ever-perilous personal-and-business use consumer electronics (BYOD). The referenced post has somewhat of a checklist of considerations for mitigating risk from these fleeting devices. Read more at Applied Risk.