With a rapid shift to remote work for so many companies, work styles have also shifted. One of the biggest changes has been how we meet. With an unprecedented number of employees working from home (but still needing to collaborate), use of web conferencing services has skyrocketed. Many are still figuring out best practices for web conferences, which has brought some much-needed moments of levity.
my boss turned herself into a potato on our Microsoft teams meeting and can’t figure out how to turn the setting off, so she was just stuck like this the entire meeting pic.twitter.com/uHLgJUOsXk
— Rachele Clegg (@PettyClegg) March 30, 2020
While most see this transition period as a change in how we’re working, others see it as an opportunity to exploit a time of uncertainty. According to security researchers, they have already detected “malware and phishing campaigns using COVID-themed lures, attacks against organizations that carry out research and work related to COVID, and fraud and disinformation.” Here are three risks presented by web conferencing and how Citrix can help:
Screenshot Malware
One potential risk presented by web conferencing tools is screenshot malware. Many organizations made the decision quickly to require remote work for most, if not all, of their employees. And some did so without a comprehensive business continuity plan in place. In many cases, employees were directed to work from their personal, unmanaged devices. IT departments don’t have oversight of these devices or the risks associated with them. In some cases, devices might be infected with malware that takes periodic screenshots, which are then uploaded to a remote server only accessible by the attacker.
This creates significant risk for organizations because any information that was shared on the screen during the meeting can be exfiltrated. For those that are subject to industry regulations, like organizations in healthcare, finance, or government, the result can be significant financial penalties.
How Citrix Helps
App Protection protects against screenshot malware by returning a blank screenshot instead of the information presented on a user’s screen. For example, if medical professionals are reviewing a patient record in a web conference and an unknown attacker takes a screenshot, here’s what they’ll see:
Coming soon, Citrix customers can protect online meetings by delivering their web conferencing solution as a SaaS app through Citrix Workspace. Web conferencing sessions initiated through Citrix Workspace will be defended by App Protection, returning blank screen shots instead of what was presented on the screen during the meeting. While protecting virtual meetings is of critical importance, App Protection will soon block screenshots for all SaaS and web apps delivered through Citrix Workspace. So, regardless of whether the sensitive information on your screen is being shared in a web conference or being accessed through any SaaS app, Citrix will have you protected.
Accidental Screen Sharing
Additionally, many people are now using web conferencing tools for virtual get-togethers with friends and family. This also creates risk because device use for personal and business reasons gets blurred. For example, Dwight is wrapping up his work week on his BYO device by finishing a report in a virtual app that houses business-critical data. He launches a locally installed web conferencing app to join a virtual happy hour with friends, including some who work at a competitor. But, he forgets to close his business app before joining. He shares his screen with the intention of sharing personal pictures, but he accidentally shows his business app with company data, exposing it to everyone in the meeting.
How Citrix Helps
While accessing web conferencing software through Citrix Workspace will solve many of the data exfiltration issues, there’s still the issue of when it’s installed locally and is subject to personal use. Let’s return to our friend Dwight. If the business application was delivered as an on-prem virtual app, App Protection would have prevented it from being visible on the screen, protecting the data.
Web Conferencing Portal Spoofing
Another new risk is the increase of sites spoofing popular web conferencing sites. While these sites look like the portals users are now accessing on a daily basis, they are designed to distribute malware to unsuspecting visitors. Researchers have discovered that some of these sites “will launch an InstallCore installer that will try to install potentially unwanted third-party applications or malicious payloads depending on the attackers’ end goals.”
How Citrix Helps
Citrix Secure Workspace Access can help protect users who inadvertently visit a web conferencing spoofing site. Web filtering capabilities enable Citrix admins to block access to categories of sites, like gambling, torrents, or social media. It can also block access to sites that are known to distribute malware, like sites spoofing web conferencing portals.
While web filtering can block access to sites known to distribute malware, many of them are new. In fact, 1,700 new domains designed to spoof a popular web conferencing site have been registered since the beginning of 2020. In these fast-changing scenarios where the malicious intent of a new site has not yet been recognized, Citrix can still protect your data and your users with a cloud-based, isolated browser. In this scenario, when a user clicks on a link or visits an unknown site, a browser that is hosted in Citrix Cloud is dynamically initiated. Any damage caused by a visit to the site, like the installation of malware, will never touch the user’s device or any of the organization’s infrastructure. As a fully hosted Citrix Cloud service, it requires no hardware investments and has minimum administrative overhead. With support for Citrix Workspace app for HTML5, there is zero endpoint configuration, making this a highly effective solution that can be available to users within minutes rather than days or weeks.
Learn more about Citrix Secure Workspace Access and App Protection.
