Citrix App Protection helps secure remote workers

Johannesburg, 03 Jun 2022
Kurt Goodall, technical director at Troye.
Kurt Goodall, technical director at Troye.

Many organisations are implementing a zero trust security model with data protection as a top priority. This is largely due to the increase in remote work and unmanaged personal devices playing a growing role in the enterprise.

While corporate-owned devices can be secured using anti-virus software, endpoint scans and MDM, many users don’t apply the same level of security to their personal endpoints. To deliver a best-in-class employee experience that keeps data secure in any scenario, IT needs tools that balance business continuity planning, BYOD and zero trust.

Troye technical director Kurt Goodall says App Protection is here for Citrix Virtual Apps and Desktops service. "We’re excited to announce that App Protection is now generally available to our Citrix Virtual Apps and Desktops service customers.

"This adds a critical layer of defence against social engineering, phishing events, key logging and screenshot malware for end-users accessing corporate resources through any Windows or Mac devices, whether personal, unmanaged or managed," he explains.

IT and end-users alike have seen the benefits of BYOD programmes, which have led to an increase of personal devices in the workplace. Additionally, many companies need gig workers and contractors to use their personal devices to get work done.

While IT takes measures to ensure that corporate-owned and managed devices are secure through policy administration, regular health checks and web filtering, gig workers and contractors might not take the same measures on their personal devices.

"It’s unlikely that they are monitoring the health of their devices at all, despite the fact that they likely visit social media and other popular sites that are havens for malware. So, while IT invests in security solutions at double-digit growth rates, the risk of a data breach is still high because personal devices infected with malware can enter any corporate network," he adds.

ATM cash-out attacks are on the rise and can be caused by silent keyloggers sitting on the computer. These attacks are carried out by inserting malware via phishing or social engineering methods into a financial institution or payment processor’s systems. Once infected, the system can transmit users’ personal data back to a third-party attacking system, causing huge financial liability.

Key logging and screen capture malware commonly affect unmanaged endpoints. When present on a device, key logging malware captures each key stroke entered by a user, creating a significant risk for an organisation. The malware captures all the information end-users type into a device, including user names and passwords.

Screen-capture malware periodically takes a snapshot of the user’s screen, saving it to a hidden folder on the device or directly uploading it to the attacker’s server. This also creates significant risk because the attacker can exfiltrate all the information on the user’s screen.

Even with managed devices, there is still the threat of social engineering. A common attack through social engineering is using screen sharing to steal data, money and more. In a screen share attack, the attacker will call and pretend they are tech support or IT and convince an unsuspecting target to screen share their device.

At this point, the attacker can infiltrate the device and take financial information, sensitive data and more. This is even riskier in businesses such as call centres, financial institutions, healthcare and any business handling sensitive customer and patient data.

Goodall says App Protection defends against accidental screen sharing by turning apps delivered through Citrix Virtual Apps and Desktops into black screens. "App Protection can complement your IT security strategy with a zero trust security approach, assuming all Windows or Mac devices, whether they are personal, unmanaged or managed, are compromised and protecting from data exfiltration."

To defend against key loggers, App Protection scrambles keystrokes entered in the device, sending the attacker undecipherable text. It also prevents screenshot malware by turning all screenshots into a blank picture.

For more information please visit



Troye is a leading 51% Black Women-Owned Level 2 BEE Information Technology solutions specialist and professional managed IT services provider.

Over the past decade, Troye has designed and implemented superior integrated IT solutions for its small, medium and enterprise customers - concentrating on end-to-end virtualisation solutions.

Troye invests heavily in its customers through exceptional service excellence. This ensures a better understanding of the customer’s business and their technology requirements. More importantly, it enables customers to focus on their core business activities with the assurance that their investment in technology is safeguarded.

Troye focuses on minimising both cost and risk, maximising return on investment, driving innovation and safeguarding their customer’s business for the future.

As one of only a few Citrix Platinum Plus Solution Advisors in South Africa, Troye holds the highest level of CSA partnership awarded by the software vendor. Troye won Citrix Partner of the Year award in the 'New SaaS' category and was awarded third place as Citrix's Cloud Partner of the Year for emerging markets.

Editorial contacts

Helen Kruger
Managing director
(011) 705 2757