Unguarded Servers: Major reason behind data breaches of 2019
Jan, 24 2020 | Privileged Accounts, Data Breach
A good number of alarming data breach incidents in 2019 have emphasized on the fact that unmonitored or uncontrolled servers are the biggest reasons behind organizations’ financial and reputational downfall. One of the biggest public sector banks in India exposed the data of more than 420 million customers at the beginning of 2019. Investigation revealed that the data server, located in Mumbai, containing bank account numbers, bank balances and contact details of the account holders was breached due to the unprotected nature of the server. In addition, high tech-savvy nations in the Middle East region suffered a massive data breach that exposed the flight itineraries and details of high-ranking Israeli officials, including that of the Prime Minister. This incident impacted the data of about 36 million booked flights, 15 million passengers, 7,00,000 visa applications and over 1 million hotel bookings exposed to cybercriminals. Reports say that an uncontrolled and unmonitored server was quite easily accessed by cybercriminals.
Unguarded servers were found to be the major reasons behind the biggest data security breaches in Indian companies in 2019 - an analysis by The Economic Times shows. These incidents imposed significant monetary losses as well as other productivity losses. There were reportedly more than 3,13,000 cybersecurity incidents in the country in 2019, according to the Computer Emergency Response Team-India (CERT-In), the country’s nodal cybersecurity agency.
Organizations from the banking and telecom industry have fallen prey to some of the biggest cyber hacking incidents last year. Not only that, a good number of startups saw attacks that exposed consumer data beyond recovery. Startups are the backbone of “Digital India” and thus they are more exposed to data breach because these organizations hardly take cybersecurity in their business agenda. Apart from that, startups generally do not have adequate financial backup to overcome disasters like cyber attack. Hence, startups are not inclined towards cybersecurity and the focus is more towards high growth.
Most of the organizations had to pay hefty prices to overcome this loss and company share prices also dropped miserably, impacting revenue and overall brand value. In the past six years, the global average cost of a data breach has grown by 12%, totaling $3.92 million per breach in 2019, according to the Cost of a Data Breach report by the Michigan-based Ponemon Institute and IBM Security.
Role of Privileged Access Management
The majority of the data breach incidents happen when the server activities are not monitored and controlled. Compromised insiders and third parties that have access to servers typically misuse privileged accounts to steal, abuse or sabotage critical data. Therefore it is highly important to create a strong vigilance around privileged accounts. Privileged Access Management (PAM) is a practice of controlling, monitoring and managing privileged users. PAM ensures all the access to target systems is authorized, authenticated in addition to audit trails that provide an account of every log to privileged sessions.
It is a universal challenge for an IT administrator to monitor hundreds of privileged tasks at any given point of time. Privileged Access Management (PAM) offers a centralized engine to ensure a rule and role-based access. Most of the organizations lack robust PAM practices which is why there was a staggering amount of security breach incidents in India.
ARCON | Privileged Access Management is a full-blown solution that helps organizations to protect information assets by offering the following features.
- Robust Authorization and authentication mechanism to ensure only authorized users can access to target systems
- Clearly defined rule and role-based policy for the privileged users to ensure granular level control over the privileged activities
- Real-time monitoring of the privileged sessions so that anything suspicious happening can be freezed in real-time
- Frequent randomization of privileged passwords through password vaulting so that compromised insiders can never misuse the credentials to gain unauthorized access
- Compromised and customized reporting of all privileged tasks
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Endpoint Privilege Management mitigates risks arising out of endpoints. ARCON | Secure Compliance Management is a vulnerability assessment tool.