(Continues from Part – 1…)
How did this happen and why?
There is extensive data flow in the media industry. There are multiple sources from where data is accumulated and stored in databases and servers in different forms. The most common types/ categories of data that media companies generate are:
- Detailed news, reports or interviews
- Client/ Customer records
- Crucial business contracts
- Details of guest writers, guest editors or celebrity visits (for print media)
- Admin/ HR data (Operations & employee data)
- Accounts/ Financial records
- Confidential records of upcoming programmes/ events/ publications
- Web Series/ Events/ Programmes streaming records (digital & electronic media)
Now the obvious question which arises is how do media companies store these valuable data? Do they adopt adequate data security measures? Do they track who is accessing what, when and for which purpose? Most of these data records are accessed by authorized users with the help of privileged accounts. However, media companies having a typical shared and distributed environment, face challenges to monitor all the user activities happening inside the network. Once the cyber crooks find any unmonitored privileged account, they get the license to misuse the loophole and breach those critical data.
The organizations that take the help of Digital Media to promote their products, new launches, release news of awards/ recognitions or even doing press releases, share lots of crucial and sensitive information with the media company so that they can do their job properly. In this scenario, if the media company does not have robust security practices to protect their databases and applications, then they not only put their own data into risk, but also their clients’ data which deserves the utmost privacy. Similarly, in Electronic Media, the programme schedule and series of events that are planned well in advance with the details like time, channel, conducting person, assigned associates – everything is stored in their databases. Without any proper IT security practice, the organization simply gambles with their own reputation by luring cyber crooks to perform their malicious activities. Print Media, on the other hand, keeps track of their news, reports, interviews, featured articles, advertisements, advertorials – everything in the database which is accessed by the sub-editors and Editor-in-Chief who list down all the details as available and schedule them to ensure correct printing commands to the print house. Apart, there are separate databases, where the media company keeps track of the clients who are advertising in their newspaper/ publication, list of authorized vendors who are in charge of distribution, journalists who submit their reports, archive news et. al. These are accessed through privileged accounts by authorized persons, majorly by the editorial heads. If these accounts are adequately secured, then it is imperative that the media company possesses high risks of a data breach or data misuse.
Role of Privileged Access Management
Any unmonitored account can invite unauthorized users in the network and allow malicious activities through the privileged accounts that are access points to confidential data as mentioned above. To secure those highly critical accounts, a robust Privileged Access Management (PAM) solution can ensure secured activities in the enterprise network with the help of User Authorization, Multi-factor authentication, and Session monitoring. Once all the users logging to the accounts are authorized by PAM and the users have to undergo a multi-level authentication process, then organizations can ensure the security of their data assets. Moreover, each and every privileged session, if monitored by PAM, would ensure that the IT administrators are notified immediately if anything suspicious is found. This is how Privileged Access Management (PAM) signifies its importance in the media/ entertainment industry.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Endpoint Privilege Management mitigates risks arising out of endpoints. ARCON | Secure Compliance Management is a vulnerability assessment tool.