Enterprise BYOA opens “secret tunnel” to the dark web
There’s an unguarded doorway into your organization that by-passes perimeter security and puts customers’ personal information and employee records in jeopardy.
While your IT department focuses its energy on preventing direct hacking attacks or email phishing scams, hackers have found another way in –it’s invisible, yet in plain sight.
Seven out of 10 employees use consumer instant messaging apps (IM) like Facebook Messenger, Snapchat and WhatsApp during work hours. Some are sending as many as 100 personal messages a day on company time.
Cyber-security expert Professor Alan Woodward of Surrey University, U.K., and co-author of a new white paper Hacker-nomics: Introducing the Dark Web gives a blunt warning about employees bringing personal phones laden with consumer apps – a phenomenon known as Bring Your Own App (BYOA) - into the office and connecting to the corporate network.
“We have seen so many problems with apps that have been infiltrated with malware that it is tantamount to throwing away all of your perimeter security,” he says.
Worse still it can act as a jumping off point for attackers to gain access to customer data they have no right to see let alone access.
Proper enterprise-class group collaboration and messaging apps provide centralized management and military grade security.
But WhatsApp and Facebook Messenger?
It’s like opening up “a secret tunnel into your organization,” the professor says.
At the other end of the tunnel is the Dark Web.
Here hackers trade stolen data for Bitcoin through e-commerce sites where you can buy anything from drugs, stolen goods and weapons to personally identifiable information (PII) harvested from large-scale data breaches.
By bringing their own devices and apps into your organization without any security controls, the shady world of breached data is one step closer to your office door.
Omri Sigelman is a mobile security veteran and Co-founder & Chief Strategy & Product Officer of NURO Secure Messaging : an enterprise messaging and collaboration platform with military grade security.