{"id":728,"date":"2013-06-19T14:03:35","date_gmt":"2013-06-19T18:03:35","guid":{"rendered":"http:\/\/www.kaspersky.com.tr\/blog\/?p=728"},"modified":"2019-11-15T15:11:22","modified_gmt":"2019-11-15T12:11:22","slug":"icini-disina-karsi-disini-icine","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/icini-disina-karsi-disini-icine\/728\/","title":{"rendered":"\u0130\u00e7ini D\u0131\u015f\u0131na kar\u015f\u0131 D\u0131\u015f\u0131n\u0131 \u0130\u00e7ine"},"content":{"rendered":"

Bilgi g\u00fcvenli\u011fini d\u00fc\u015f\u00fcn\u00fcrken genellikle d\u0131\u015f sald\u0131rganlar\u0131 ve kurum a\u011f\u0131na girerek bilgi \u00e7almay\u0131 deneyen siber su\u00e7lular\u0131 g\u00f6z \u00f6n\u00fcn al\u0131r\u0131z. Clearswift g\u00fcvenlik konular\u0131nda bilgi sahibi olmak i\u00e7in bir dizi anket d\u00fczenledi. Bu anketlere kat\u0131lan firmalar\u0131n %83’\u00fc son 12 ay i\u00e7inde bir g\u00fcvenlik ihlali ya\u015fad\u0131\u011f\u0131n\u0131 belirtti. Ancak bu g\u00fcvenlik ihlallerinin %58’inin bilinmeyen d\u0131\u015f sald\u0131rganlar yerine (bilin\u00e7siz kullan\u0131c\u0131lar, eski \u00e7al\u0131\u015fanlar ve g\u00fcvenilir i\u015f ortaklar\u0131 gibi) \u015firket i\u00e7inden noktalardan geldikleri g\u00f6r\u00fcld\u00fc.<\/p>\n

Ara\u015ft\u0131rma ayr\u0131ca kurumlar\u0131n %72’sinin g\u00fcn\u00fcm\u00fcz i\u015f d\u00fcnyas\u0131ndaki insanlarla ileti\u015fim ve i\u015f yapma \u015fekillerine uygun olarak g\u00fcvenlik sistemleri ve politikalar\u0131n\u0131 d\u00fczenleme konusunda s\u0131k\u0131nt\u0131 \u00e7ekti\u011fini ortayan \u00e7\u0131kard\u0131. \u0130\u015f yapma \u015feklinde ve i\u015f riskleri a\u00e7\u0131s\u0131ndan ortaya \u00e7\u0131kan en b\u00fcy\u00fck de\u011fi\u015fiklik ise BYOD denilen ve h\u0131zla pop\u00fclerli\u011fi artan “Kendi Cihaz\u0131n\u0131 Getir” sisteminden kaynaklan\u0131yor.<\/p>\n

BYOD tehditlerinin en \u00f6nemli 3 tanesi:<\/p>\n

1) \u00c7al\u0131\u015fanlar\u0131n kulland\u0131\u011fu USB ve depolama cihazlar\u0131<\/p>\n

2) Kas\u0131tl\u0131 olmayan insan hatalar\u0131<\/p>\n

3) \u00c7al\u0131\u015fanlar\u0131n kendi cihazlar\u0131 \u00fczerinden i\u015f ile ilgili epostalar g\u00f6ndermeleri<\/p>\n

Ancak bu t\u00fcr g\u00fcvenlik risklerinin tamam\u0131n\u0131 BYOD i\u00e7in y\u00f6nlendirilmi\u015f (veya en az\u0131ndan engellenmemi\u015f) kullan\u0131c\u0131lara atmak do\u011fru olmaz. Ankete kat\u0131lan firmalar\u0131n %31’i BYOD destekler ve y\u00f6netirken %11’i bunu desteklemiyor. \u00a0BYOD desteklemeyen firmalar %37 oran\u0131nda g\u00fcvenlik tehdidi ile kar\u015f\u0131la\u015f\u0131rken BYOD destekleyen ve y\u00f6neten firmalarda ise bu oran %18 olarak ger\u00e7ekle\u015fiyor. Ankete kat\u0131lan firmalar\u0131n %53’\u00fcnde kurum taraf\u0131ndan desteklense de desteklenmese de \u00e7al\u0131\u015fanlar cihazlar\u0131n\u0131n kurum a\u011f\u0131nda kullan\u0131yor.<\/p>\n

Peki daha sonra? Kurumlar bu i\u00e7 tehditlerin de en az d\u0131\u015f tehditler kadar \u00f6nemli oldu\u011funu farkederek g\u00fcvenlik ayarlar\u0131n\u0131 buna g\u00f6re planlamal\u0131. Konu BYOD oldu\u011funda kapsaml\u0131 bir kurallar\u0131 seti m\u00fcmk\u00fcn oldu\u011funca devreye al\u0131nmal\u0131d\u0131r. T\u00fcm kullan\u0131c\u0131lar ve \u00e7al\u0131\u015fanlar i\u00e7in bir e\u011fitim veya fark\u0131ndal\u0131k program\u0131 olu\u015fturularak \u00e7al\u0131\u015fanlar\u0131n ki\u015fisel cihazlar\u0131n\u0131 g\u00fcvenle kullanmas\u0131 sa\u011flanmal\u0131 ve risk azalt\u0131lmal\u0131d\u0131r.<\/p>\n

E\u011fer kurum BYOD kurallar\u0131 yay\u0131nlam\u0131yorsa, bir \u00e7al\u0131\u015fan olarak kendiniz bu \u00f6nerilerimizi uygulayabilirsiniz:<\/p>\n

1. Sistem y\u00f6neticisi veya bilgi g\u00fcvenli\u011fi sorumlusunun dan\u0131\u015fmanl\u0131\u011f\u0131n\u0131 almadan ki\u015fisel cihazlar\u0131n\u0131z\u0131 hatta USB depolama ayg\u0131tlar\u0131n\u0131 kullanmay\u0131n<\/p>\n

2. E\u011fer USB depolama ayg\u0131t\u0131 kullanacaksan\u0131z en az\u0131ndan kriptolu bir cihaz kullan\u0131n. Kriptosuz olanlardan \u00e7ok daha uygun fiyata kriptolu cihazlar da sat\u0131lmaktad\u0131r. 50 TL i\u00e7in \u015firketinizin sayg\u0131nl\u0131\u011f\u0131n\u0131 riske sokmay\u0131n.<\/p>\n

3. Ayn\u0131 \u015fey ki\u015fisel eposta hesaplar\u0131 i\u00e7in de ge\u00e7erlidir. E\u011fer ki\u015fisel eposta kullanmak zorunda kal\u0131rsan\u0131z i\u015f i\u00e7in \u00f6zel bir hesap olu\u015fturun (iki katmanl\u0131 g\u00fcvenlik kullanan Gmail hesab\u0131 gibi)<\/p>\n

4. D\u00f6k\u00fcmanlar\u0131 kriptolu olarak g\u00f6nderin. Bunu yapman\u0131n pek \u00e7ok yolu mevcut. \u00d6rne\u011fin MS Office d\u00f6k\u00fcmanlar\u0131n\u0131 \u015fifreli ZIP dosyas\u0131 ile g\u00f6ndermek gibi. Ayr\u0131ca \u015fifreleri d\u00f6k\u00fcman ile ayn\u0131 mesaj ile birlikte g\u00f6ndermeyin.<\/p>\n

5. Sistem y\u00f6neticinize dan\u0131\u015fmadan i\u015f eposta adresinizi kendi cihaz\u0131n\u0131zda kullanmay\u0131n. Bu i\u015f i\u00e7in \u00f6zelle\u015ftirilmi\u015f g\u00fcvenli istemciler mevcuttur.<\/p>\n","protected":false},"excerpt":{"rendered":"

Bilgi g\u00fcvenli\u011fini d\u00fc\u015f\u00fcn\u00fcrken genellikle d\u0131\u015f sald\u0131rganlar\u0131 ve kurum a\u011f\u0131na girerek bilgi \u00e7almay\u0131 deneyen siber su\u00e7lular\u0131 g\u00f6z \u00f6n\u00fcn al\u0131r\u0131z. Clearswift g\u00fcvenlik konular\u0131nda bilgi sahibi olmak i\u00e7in bir dizi anket d\u00fczenledi. Bu<\/p>\n","protected":false},"author":15,"featured_media":730,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1284],"tags":[],"class_list":{"0":"post-728","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-tips"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/icini-disina-karsi-disini-icine\/728\/"}],"acf":[],"banners":"","maintag":[],"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/728","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=728"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/728\/revisions"}],"predecessor-version":[{"id":7369,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/728\/revisions\/7369"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/730"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=728"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=728"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=728"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}