A young man named Sumit joined an organization as a junior sales associate. The company allotted him a laptop for his daily work activities. Sumit found that the laptop was used by the previous employee and it was given to him since he is no more associated with the organization. However, Sumit did not bother and readily set off for his new professional journey.
Things were going smooth till one day he found something very erratic and suspicious. One of his prospective clients responded to one of his emails with a strange reply. The client pointed out that the presentation he shared is strikingly similar to that of some other organization who is into the same business and has approached them already. They are relatively new in the market. Initially, Sumit considered this to be a rare coincidence and conveyed his opinion via email. However, similar incidents started to repeat with other clients as well.
Sumit sensed some danger and decided to escalate the matter to his seniors. Within a few days, the matter reached the management and detailed enquiry was ordered. After rigorous investigation, it was found that the old employee who left the organization a few months back continued to access his ex-employer’s file servers with the help of a disgruntled insider. Privileged credentials were compromised.
In today’s enterprise IT environment, disgruntled or malicious insiders by stealing or abusing confidential information can destruct the business and tarnish the brand image of an organization. With enterprises scaling up IT infrastructure in order to benefit from modern-day IT advancements like big data analytics, cloud computing, a robust rule and role-based-access control is a must. It is essential to have an Information Security framework around people and policies that ensures every access to critical systems is authorized, authenticated and documented. Privileged Access Management helps in building a robust security posture.
Insiders, compromised ex-employees, and cyber criminals take advantage when there is no robust access control (especially around privileged accounts), privileged credentials are shared or authentication mechanism is weak. Today, organizations have multiple data centers, hundreds of privileged accounts to manage ample data generated every day. In a shared and distributed enterprise IT environment all these security criteria become highly imperative. ARCON, in an exclusive research found that almost 71% organizations have suffered data breach recently or earlier. Among the remaining 29% organizations who are still lucky, 72% among them believe that security of privileged accounts is a major concern area.
There are numerous incidents where we find hackers took help of some malicious insiders to breach privileged accounts and steal confidential information. Similar to that of the above incident, not even a week back, one of the former staff of Singapore’s health ministry department misused his authority to access confidential records of more than 14,000 medical records and complied with the security guidelines. Earlier in 2016, hackers gained access to the emails of the Democrats just before the US Presidential election leaking more than 20,000 emails and accessing data to a big embarrassment to the party. Needless to mention, the party’s image was tarnished and eventually it lost the election. It is debatable whether this breach helped the opponent to win the election, but it certainly underscored the fact that critical systems are at grave risk. And in most cases, hackers or insiders gain unauthorized entry through privileged accounts.
In a nutshell, privileged accounts are the most vulnerable IT assets for any enterprise. Privileged accounts manage sensitive data of any business. The cyber crooks and compromised employees (or ex-employees) always look for those vulnerable unmonitored accounts which are the keys towards data theft. Thus, the importance of Privileged Access Management (PAM) knows no bounds.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.