Intelligent CISO Issue 08 | Page 75

It’s vital that companies find a way to protect sensitive data without restricting employees.

to take advantage of, potentially putting customer data at risk – as demonstrated by the recent British Airways data breach. In this instance, a weakness in the BA app allowed criminals to make off with the financial data of 380,000 customers, exposing the company to tremendous reputational and financial damage. Yet, shockingly, BA were unaware of the issue until a third party informed them about some unusual activity.

Whenever a customer’s sensitive information is stolen, they don’t blame the hackers, they blame the company for not being secure enough. This means mobile app security has to be a top priority for any business.

A critical element of mobile app security is having the ability to track and manage the phone and app’s machine identities – i.e. the system of trust which authenticates and enables communications between the app and the device it is running on. If a hacker is able to hijack one of these identities, they can appear ‘trusted’ to the app and the device. As a trusted entity, the hacker could then make a number of requests, for instance escalating privileges to steal sensitive data, spy on the communications, or gain access to other applications.

In order to secure these machine identities, businesses must discover, monitor and control all the machine identities on their network to make sure that none are being abused by malicious actors. Given that the number of machine identities that modern companies are dealing with can easily number in the millions, this means automation. Automating the process ensures ongoing validation for all machine identities on your network – both of apps and other machines – and allows any compromised machine identities to be quickly spotted, revoked and replaced without any loss of data or risk of reputational damage.

Martin Thorpe, Enterprise Security Architect at Venafi