Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    August 2014
    S M T W T F S
    « Jul    
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  
  • About Us

    Much of the current discussions surrounding the growing—and inevitable—trend of consumerization are focused on the impact of bring-your-own device (BYOD) and managing the growing diversity of mobile devices. However, another aspect that IT administrators and even business owners should not forget to consider are the other consumer-oriented technologies and services employees may have access to in the workplace.

    Like BYOD, the benefits that come along with consumer technologies like instant messaging applications, social networking sites also bring about certain risks to corporate data. For one, these “consumerized” applications have had their fair share of threats that exploited their capabilities for cybercriminals’ and other threat actors’ gain.

    What Goes In, What Goes Out

    Recently, a backdoor was discovered to be attempting to compromise thousands of WordPress blogs through a brute-force attack. This poses a risk to organizations that may be using this blogging platform for corporate communications.

    Last week’s discovery of the Citadel botnet’s resurgence in Japan can be another example. According to our researchers, the recent campaign was found to be targeting customers of banking and financial institutions that are only native in Japan, specifically those with webmail accounts. This “localized” tactic is notable in itself. If put in the context of, say, a Japanese employee accessing his or her GMail account in the office and accidentally setting off a data-stealing malware in the corporate network, then the repercussions can increase exponentially.

    But beyond malware, web threats, and other attacks that will attempt to go inside the organizations’ perimeters and get access to information, the risks these consumer applications can bring may also come in the data they can bring out. As predicted, we have seen cybercriminals abuse legitimate services to carry out their attacks. The VERNOT malware is an example of such an attack: it abuses a popular (and consumer-friendly) cloud storage service to send whatever data it gathers from an infected machine.

    In addition, some businesses may have strong perimeter defense, but may not have the adequate technologies or capabilities to monitor data packets passing through “normal” Web traffic these applications use. Thus, system IT administrators may be blind to employees who are (un)wittingly disclosing information about the company through their personal emails or instant messaging conversations.

    Balancing Freedom and Control

    Organizations need to find a balance between providing enough freedom for their employees and maintaining visibility and control to their data, wherever and however they are accessed. Having a solid plan to embrace consumerization in all its technological aspects—device, software, platform, etc.—is the first step to do so. More importantly, clear and well-thought-out policies (which should include strong employee awareness programs), as well as the proper technologies and solutions to identify and protect the most critical corporate data, should also be put in place.

    To know more about managing data in consumer applications and services, check out our latest primer and infographic:





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice