ARCON recognized as a Customers’ Choice in the Gartner Peer Insights 'Voice of the Customer' for Privileged Access Management. Read More





Managing IT Risks in CSP Environments

The Impending Risk in CSP Environments It is very important for organizations to think, analyze and peruse the IT security factors of a Cloud Service Provider (CSP), which possesses every possible sensitive detail of an organization’s IT resources. Indeed, the cloud managers literally have complete control over the cloud infrastructure, even as the IT security staff has to manage and control not only the cloud console admins but also the various kinds of identities that access a host of applications and development platforms.  Recently, a former engineer from one of the leading CSPs was found guilty of hacking into more [...]

Posted On | 24-06-2022
Privileged Accounts, Data Breach

Cloud Services Adoption: Urgent Requirement for Regulatory Guidelines

According to Gartner, worldwide end-user spending on public clouds could reach almost $500 billion in 2022. In addition to the financial benefits (cost effectiveness), cloud computing offers more scalability, flexibility, mobility, and operational efficiency. For various reasons, it is very obvious that storing and analyzing data on the cloud is at the core of digital transformation. And that’s why Indian commercial banks want the regulator, the Reserve Bank of India (RBI) to lay down a clear set of security and compliance guidelines that would allow Indian banks to adopt cloud computing in a big way.  Grappled with falling margins, accumulating [...]

Posted On | 10-06-2022
Privileged Accounts, Data Breach

Reinforcing the IAM Fabric for Digital Innovation

From a wide range of merchant payment providers to peer-to-peer lending platforms, payment gateways have come a long way to remodel the financial services space. Thanks to technological advances, there is a complete transformation of the ways we manage our finances.  Financial innovation has ushered financial inclusion. Indeed, different digital payment modes have not just opened a sea of options in front of us but also eased our lives beyond ATM machines and cash transactions. We have mobile apps to check, update or transfer money through mobile banking. We have e-wallets to ease our payment processes in e-commerce platforms and [...]

Posted On | 27-05-2022
Privileged Accounts, Data Breach

Zero Trust, Controlled Privileges and Data

ARCON has always propagated the message of controlling and protecting the inner realm of an organization’s IT network. It builds the foundation for robust cybersecurity.  Whether the cyber-criminal sits outside the realm or is present inside the periphery, typically it is the compromised insider-privy to confidential information- who is behind an insider attack or cyber-espionage. Recently approximately thirty (30) multinational companies faced the wrath of state-sponsored actors. The incident has brought to the forefront yet again the dire need to adopt robust access management methods to prevent the theft and exfiltration of sensitive data.  What exactly happened? A report published [...]

Posted On | 24-05-2022
Privileged Accounts, Data Breach

Critical IT Infrastructure: Time to Push the Alert Button

Overview It is not uncommon that critical systems are often targeted by cyber criminals. And we have documented it from time to time. But this time the attack was on toll collection systems.  Indeed, gone are those days when you take out your wallet to pay highway tolls while driving through the city suburbs. Today the latest technologies are adopted at the highway tolls for making the payment process fast and easy. With the help of the Radio Frequency Identification (RFID) technology, toll payments are made directly while the vehicle is in motion. A device is affixed on the windscreen [...]

Posted On | 27-04-2022
Privileged Accounts, Data Breach

Data Security: A Never-ending Concern | Risks To Watch | ARCON
Data Security: A Never-ending Concern

It is not a bank, a government entity or a healthcare organization! This time the cyber crooks strike hard on the entertainment industry! Recently, a USA-based vendor that designs graphics processing units for the gaming and professional markets suffered a compromise of emails of more than seventy thousand employees. Can there be anything worse? The victim also manufactures chip units for the mobile computing and automotive market. As a result, they had a huge and irreparable face loss in front of the global market.  The pattern and extent of the IT risks that organizations are exposed to today are getting [...]

Posted On | 25-03-2022
Privileged Accounts, Data Breach

Social Engineering and Data Breach
Social Engineering and Data Breach

There is no question regarding how technically highly-advanced and sophisticated cyber-criminals are. They possess adequate skills and know-how to intrude inside the IT network and steal sensitive information and bring the IT ecosystem to a standstill. Nevertheless, one often overlooked fact is that most of the IT incidents stem from social engineering: an act of stealing sensitive information through deception and using fraudulent and manipulative ways. And an insider is the key link in this social engineering who can provide necessary information to other actors for executing targeted attacks. Indeed, social engineering has shaken the cyber world time and again. [...]

Posted On | 11-02-2022
Privileged Accounts, Data Breach

Password: A major security vulnerability

Just think of our day-to-day life. Typically, we all have common passwords for email accounts, social media accounts and bank accounts, which can result in a nightmare, if compromised. On a personal level, if a password breach can affect us so gravely, what would happen if the same happens to privileged accounts for a large enterprise? Did you know that poor password management is one of the biggest sources of data breach? Many surveys show that more than 75% of times hacking of systems and misuse of confidential information arises from poor password management. There are hundreds of privileged passwords [...]

Posted On | 10-07-2020
Privileged Accounts, Data Breach

Are healthcare chains doing enough to protect data privacy?

Recently, an exclusive report from The Economic Times has unveiled that almost one million medical files of Indian patients were openly accessed online. With zero security measures for the privacy of sensitive details like patients’ names, addresses, date of birth, mobile numbers, Identification numbers, ailment types, physician details et al, a couple of reputed hospitals and medical centers have to answer many questions related to data privacy. Besides, X-ray reports, MRI reports and scan test results were also easily accessed which includes both patients’ and doctors’ details, who have referred and reviewed the cases. The servers on which these records [...]

Posted On | 07-02-2020
Privileged Accounts, Data Breach

Unguarded Servers: Major reason behind data breaches of 2019

Overview A good number of alarming data breach incidents in 2019 have emphasized on the fact that unmonitored or uncontrolled servers are the biggest reasons behind organizations’ financial and reputational downfall. One of the biggest public sector banks in India exposed the data of more than 420 million customers at the beginning of 2019. Investigation revealed that the data server, located in Mumbai, containing bank account numbers, bank balances and contact details of the account holders was breached due to the unprotected nature of the server. In addition, high tech-savvy nations in the Middle East region suffered a massive data [...]

Posted On | 24-01-2020
Privileged Accounts, Data Breach

Pharma Industry Data Breach Challenge: Beyond usual Industry Risks

Most pharmaceutical companies agree that the losses from cyber attacks could be escalating alarmingly in the coming days. According to the latest research report of The Economic Times group, only 5-10% pharmaceutical organizations have deployed cybersecurity solutions to combat hacks and breaches. Lack of proper data security measures are luring cyber crooks to target this lucrative industry. The pharmaceutical industry is lagging behind other industries when it comes to deployment of IT security solutions majorly due to lack of management concern. Most of the organizations in this industry are concerned about the challenges arising from new/ latest drug approval process, [...]

Posted On | 16-09-2019
Privileged Accounts, Data Breach

Some Common Mistakes Leading to Privileged Access Misuse

In the age of digitization, while organizations are busy with the digital transformation, cyber crooks take this as an opportunity to look out for loopholes in the security of IT infrastructure and exploit them to steal as much information as possible. The administrative IDs and privileged credentials are the most vulnerable among all. Organizations very often put their data into grave risks by allowing multiple users including third-party service providers access privileged accounts and administrative accounts without any kind of monitoring mechanism. This gives ample opportunity to the cyber crooks to peep into the system and exploit the loopholes. Here [...]

Posted On | 30-08-2019
Privileged Accounts, Data Breach

Strengthen Access Control Mechanism to Mitigate Third Party Risks

Banks continue to be the most targeted organizations by data-greedy hackers in this digital economy. While several reports show that the compliance framework among European organizations is still not up to the mark post-implementation of the GDPR -- a period that witnessed several data breach incidents, another breach incident has raised a fresh question on the security measures adopted by the Banking industry in the region. Despite the stringency of EU GDPR standards, it is shocking to come across this incident mostly due to the lackadaisical attitude towards access control mechanism. The data-heist in European Central Bank (ECB) a few [...]

Posted On | 23-08-2019
Privileged Accounts, Data Breach

Cyber Criminals Target Data, not Industry

Today, data breach incidents have become common news headlines across the globe. A layman’s psychological traits drive the idea of any data breach incident towards financial institutions. According to the trends and our findings, we come across several instances where people estimate the common reason for any breach incident is to take hostage of confidential information, database of any financial organization. However, it is highly essential to realize that data breach incidents are never restricted to the financial industry; instead, today every industry is vulnerable. Every Industry is Vulnerable In today’s time, no industry is safe from data breach threats. [...]

Posted On | 02-08-2019
Privileged Accounts, Data Breach

This Massive Information Breach should be an Eye-Opener

The National Aeronautics and Space Administration (NASA) must have been embarrassed to be in the news of being a victim of data breach. However, the fact is, this “unexpected” incident has reminded the cyber world that there is no organization in the world which is foolproof against cyber-crime. Moreover, it has also brought to the forefront why there is an urgent need to shore up IT infra with adequate safeguards as the recent incident shows that the data breach remained undetected for about 10 months. How NASA was breached? The hacker used Raspberry Pi, a small credit-card sized computer, to [...]

Posted On | 12-07-2019
Privileged Accounts, Data Breach

Reinforcing Information Security – Need of the hour in Africa

Threat Landscape One of the major news channels of South Africa suffered massive data breach compromising data of 60 million users (mostly South African citizens) during March 2017. This is considered to be the largest data breach incident in the history of South Africa. Once the hacking news spread like wildfire among the cyber security experts, most of them believed it to be a work of some wily cyber crook. However, later on, it was found that the hacker didn’t require any effort to access the crucial information. Personal Information leaked due to easily accessible Web server. Apart from this [...]

Posted On | 10-05-2019
Privileged Accounts, Data Breach

Privileged accounts security: Addressing the most common pain point for an enterprise

Organizations , in order to scale up operations and boost efficiency, have been adapting to newer technologies. The pace at which modern day enterprise is streamlining IT operations by embracing technology changes is simply a manifestation of the ongoing velocity of digital transformation across all industry verticals. Organizations understand it very well that to be among the best, it is imperative to constantly improve upon operation and process management. One area where ARCON is observing rapid transformation among today’s enterprises is an adaptation to cloud technologies and managed service environments. From global oil & gas majors to media companies, enterprises [...]

Posted On | 16-02-2018
Privileged Accounts, Data Breach

Is your organization equipped for timely detection?

Theft or misuse of critical information assets from compromised insiders, in most cases, occurs as organizations fail to timely detect unusual or suspicious activities around privileged accounts— gateway to highly confidential information that is stored in database servers, devices, applications of a typical data center. While a growing crop of organizations—large or small—are turning more vigilant in protecting the outer periphery by deploying expensive network security solutions to thwart cyber attacks, IT systems often in the case of a breach lack proper mechanism in place to protect data from rogue insiders entrusted to access privileged accounts. As discussed in one [...]

Posted On | 23-08-2017
Privileged Accounts, Data Breach

How secured are you against data extrusion threat?

Having at the forefront of information risk management industry for more than a decade now, we have observed that enterprises remain most vulnerable in protecting their highly critical asset—data. Our implementation team, which has been mapping diverse IT architectures of enterprises of all shapes and sizes and integrating risk-control solutions, often finds that firms usually keep a bulletproof network security to keep malicious traffic out. However, a very scant attention is paid towards protecting the digital assets. While lack of proper mechanism in place like Privileged Access Management (PAM) / Privileged Identity Management (PIM) solution / Privileged Identity Management exposes [...]

Posted On | 18-04-2017
Privileged Accounts, Data Breach

Small Mistakes can erode Social Media’s Amazing Influence

Social Media: who would have thought about a decade ago thata host of websites and applications that allow social networking, will become a core part of our daily life? Indeed, from running all sorts of promotional campaigns to familiarizing brand/products and from putting forward your thoughts on current affairs to finding your long-lost friends, social media’s reach and benefits are boundless. Having said that; it also makes us extremely vulnerable in an ever-increasing digitized world, something which, Mark Zuckerberg, founder and CEO of Facebook learned it the hard way. He fell victim not so long back to a hacking group, [...]

Posted On | 28-09-2016
Privileged Accounts, Data Breach

As Firms Switch To Hybrid IT Environment, Data Security Will Need a Closer Look

Disruptive technologies such as cloud computing offer many advantages to organizations. As the technology allows to store data in cloud service providers’ servers, it helps firms to cut IT-related spending. Indeed, sans cloud-computing technology, most organizations, would bear more costs to deploy a network of devices in their IT ecosystem to store data. In addition, it also tends to spur employees’ productivity. Not surprising then more and more organizations are shifting from legacy, owned-infrastructure to hybrid IT environment or complete public/private cloud environments. According to McKinsey’s study, switch to cloud computing would accelerate in coming years. The study found that [...]

Posted On | 26-09-2016
Privileged Accounts, Data Breach

Have You Secured Those Master Keys to Your IT Network?

Data breaches continued to haunt corporations across the world. From Japan’s largest travel agency to UK’s leading accounting software firm and from America’s prominent hospital chain to Africa’s emerging financial institutions, organizations spanning varied industries and different sizes got their data exposed this year as malefactors exploited slightest of the security gaps. Such incidents would continue to surface as malicious insiders and cyber intruders have incentives to steal the data. Indeed, your database is a treasure trove of highly classified information. Data is now a new commodity in cyberspace. It sells. Unfortunately, though, a good number of organizations still have a [...]

Posted On | 15-09-2016
Privileged Accounts, Data Breach

Select Category