Security Roundup: BYOD, Wipro Attack, Okta-Evident ID, IoT Security
A decade ago, the bring-your-own-device (BYOD) movement, where employees insisted on using their personal devices in the workplace, was in its early stages.
Today, that movement is realized as employees rely on their personal laptops and mobile devices to carry them between work and home — bringing to light the increased attack surface CIOs and CISOs most feared.
The number of devices per person (3.5) means there are far more devices than employees to monitor, leaving security teams to pick up the pieces.
We spoke with Akshay Bhargava, Malwarebytes’ senior vice president of innovation, to dive deeper into the BYOD phenomenon and how cybercriminals are taking advantage of it.
BYOD represents both a technology and cultural shift, he said. The technology shift was driven by the emergence of mobile devices, while from a cultural perspective, the way people work has “fundamentally changed,” he said.
“While people are at home on personal time, they’re doing office work and sometimes when they’re on vacation they’re doing office work, so the line between what’s working time and personal time has also blurred,” Bhargava said. “And then the device piece, users use that same personal device for both purposes, for corporate work as well as personal work. Those are some of the historical things that we’ve seen that have kind of moved BYOD to become more prevalent, and also … to have it more of a contention point around security and privacy.”
The prevalence of attacks on BYOD devices is increasing, as is the data that can be accessed through a BYOD device, he said, and many of the “flavors” of malware are targeting BYOD devices in particular.
“For example, the way that email appears on your laptop when you open Microsoft Exchange versus when you look at it on an iPhone are different, and some of the hackers have been really sophisticated to obfuscate the email address in a way that a lot of users don’t recognize that is a potentially suspicious email address because they only look at the name,” Bhargava said. “From an access point of view, when attackers are able to compromise BYOD, now they have access to often a very rich set of data.”
For example, Bhargava said his cellphone includes SaaS apps that connect to Malwarebytes’ Salesforce data and business operations data, as well as his personal photos, “so if an attacker is able to compromise my BYOD device, they’re also able to get access to a lot of corporate assets, as well as personal information.”
Organizations are making significant investments to try to get ahead of this problem, he said. In addition, users are becoming more sophisticated with the rise of bring your own security (BYOS), and regulatory mandates like the General Data Protection Regulation (GDPR) are also emerging, he said.
“One of the biggest things that we’re seeing as an endpoint security vendor is significant investment in endpoint security solutions, and basically part of that is organizations are looking to both detect when there are bad things that happen on devices and then being able to investigate when bad things happen,” Bhargava said. “Oftentimes there [are] a lot of interesting forensics data that they want to capture, and then … they want to be able to remediate.”
Organizations also are investing from a people and process standpoint, beefing up their operational practices around how you handle …