ITM is an open framework - Submit your contributions now.

Infringement

Disruption of Business Operations

Exfiltration via Media Capture

Exfiltration via Messaging Applications

Exfiltration via Other Network Medium

Exfiltration via Physical Medium

Exfiltration via Screen Sharing

Installing Unapproved Software

Providing Access to a Unauthorized Third Party

Public Statements Resulting in Brand Damage

Sharing on AI Chatbot Platforms

Unauthorized Changes to IT Systems

Unauthorized Printing of Documents

Unlawfully Accessing Copyrighted Material

ID: IF002.010
Created: 13th September 2024
Updated: 08th April 2025
Contributor: Ismael Briones-Vilar

Exfiltration via Bring Your Own Device (BYOD)

A subject connects their personal device, under a Bring Your Own Device (BYOD) policy, to organization resources, such as on-premises systems or cloud-based platforms. By leveraging this access, the subject exfiltrates sensitive or confidential data. This unauthorized data transfer can occur through various means, including copying files to the personal device, sending data via email, or using cloud storage services.

Preventions (4)

Detections (3)

Infringement

Account Sharing

Data Loss

Denial of Service

Disruption of Business Operations

Excessive Personal Use

Exfiltration via Email

Exfiltration via Media Capture

Exfiltration via Messaging Applications

Exfiltration via Other Network Medium

Exfiltration via Physical Medium

Exfiltration via Screen Sharing

Exfiltration via Web Service

Harassment and Discrimination

Inappropriate Web Browsing

Installing Malicious Software

Installing Unapproved Software

Misappropriation of Funds

Non-Corporate Device