
Protecting Data in a BYOD and Zero Trust World
Many organisations are implementing a zero trust security model with data protection as a top priority. This is largely due to the increase in remote work and the growing role of unmanaged personal devices in the enterprise.
While corporate-owned devices can be secured using anti-virus software, endpoint scans, and MDM, many users do not apply the same level of security to their personal endpoints. To deliver a best-in-class employee experience while keeping data secure in any scenario, IT needs tools that balance business continuity planning, BYOD, and zero trust.
Troye technical director Kurt Goodall says App Protection is here for Citrix Virtual Apps and Desktops service.
“We’re excited to announce that App Protection is now generally available to our Citrix Virtual Apps and Desktops service customers.”
“This adds a critical layer of defence against social engineering, phishing events, key logging, and screenshot malware. It protects end users accessing corporate resources through any Windows or Mac device, whether personal, unmanaged, or managed,” he explains.
The Security Risks of Personal Devices
IT and end users alike have seen the benefits of BYOD programmes. As a result, personal devices have become more common in the workplace. Many companies also rely on gig workers and contractors who use their personal devices to get work done.
While IT secures corporate-owned and managed devices through policy administration, regular health checks, and web filtering, gig workers and contractors may not take the same measures on their personal devices.
“It’s unlikely that they monitor the health of their devices at all. Despite this, they likely visit social media and other popular sites that are havens for malware. So, while IT invests in security solutions at double-digit growth rates, the risk of a data breach remains high. Personal devices infected with malware can still enter any corporate network,” he adds.
Keylogging and Malware Threats
ATM cash-out attacks are on the rise. Silent keyloggers sitting on a computer can cause these attacks. Attackers typically insert malware through phishing or social engineering methods into a financial institution or payment processor’s systems.
Once malware infects a system, it can transmit users’ personal data back to a third-party attacking system. This creates significant financial liability.
Key logging and screen capture malware commonly affect unmanaged endpoints. When present on a device, key logging malware captures every keystroke entered by a user, creating a significant risk for an organisation. The malware captures all information entered into a device, including usernames and passwords.
Screen-capture malware periodically takes a snapshot of the user’s screen. It either saves the image to a hidden folder on the device or uploads it directly to the attacker’s server. This creates significant risk because attackers can exfiltrate all the information displayed on the user’s screen.
Social Engineering Remains a Threat
Even with managed devices, social engineering remains a threat. One common attack uses screen sharing to steal data, money, and other sensitive information.
In a screen-sharing attack, an attacker calls a target and pretends to be from technical support or IT. The attacker then convinces the unsuspecting target to share their screen.
At this point, the attacker can infiltrate the device and access financial information, sensitive data, and more. This is especially risky for businesses such as call centres, financial institutions, healthcare organisations, and any business handling sensitive customer or patient information.
How App Protection Helps
Goodall says App Protection defends against accidental screen sharing by turning apps delivered through Citrix Virtual Apps and Desktops into black screens.
“App Protection can complement your IT security strategy with a zero trust approach. It assumes all Windows and Mac devices are compromised, whether personal, unmanaged, or managed. It then helps protect against data exfiltration.”
To defend against keyloggers, App Protection scrambles keystrokes entered on the device. This sends attackers undecipherable text. It also prevents screenshot malware by turning all screenshots into blank images.
App Protection is one example of how organisations can strengthen their digital workspace strategy while enabling secure access to applications and data from any location.