2.2. That's Why They're Called Trojan Horses
Today, users are accessing networks from anywhere in the world, at any time of day, through an array of access technologies and devices that may run any number of operating systems and applications. Although mobility has helped raise productivity and profits for companies around the world, it has also meant sleepless nights and headaches for administrators and trouble for their networks. Administrators now have no idea where a user's device — whether it's managed by the company or not — has been before it attempts to access the enterprise network. The user could have been surfing the Internet and accessed Web sites that carried hidden dangers (such as worms, keystroke loggers, rootkits, botnets, backdoors, or other nefarious forms of malware). Or, even though company policy may forbid it, the user may have allowed his or her child, significant other, or another individual to use his or her device; that person may have launched a chat site or sent an instant message to friends, or even disabled antivirus or other anti-malware checks because they made the PC run too slow, providing an open invitation to malware or other culprits.
These and other traps could be lying in wait for the user whom the company trusts and who uses a trusted, managed device. When that user reconnects to the company's network, the malware or hack lying in wait uncoils its wrath upon an unknowing company network, that network's users, and its connected devices. They didn't name that nasty malware Trojan Horse for nothing!
Of course, sophisticated, well-funded hackers can spawn and launch virulent forms of malware. Many times, these hackers aren't in it for the glory or bragging rights; they're in it for the cash, holding ransom the vital data that they retrieve from corporate networks through insidious means. Data-nappers ransom the data back to the corporation that they breached; or, if the company doesn't meet their ransom demands, they sell the stolen data to the highest bidder.
NOTE
These malware attacks typically use the managed, trusted device of an unknowing trusted user as a transfer agent for the spread of viruses, spyware, adware, Trojan horses, worms, bots, rootkits, keystroke loggers, backdoors, dialers, or other malicious applications onto the enterprise network or directly to other unsuspecting user devices. These attacks put intellectual property, personal data, and sensitive information at risk, and they can have a serious impact on productivity, safety, cost, and even reputation.
Not knowing where a user's device has been before it connects to the network can be dangerous. Not having a way to protect against malware and breaches can be disastrous.