Book Demo!

In the last 24 hours, the news has been filled with reports about the Capital One data breach that impacts 100m customers.  According to the bank, the hacker gained access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, in addition to an undisclosed number of people’s names, addresses, credit scores, credit limits, balances, and other information.

While reports do not provide the technical details of the breach, we do know that the hacker used a misconfigured application firewall. This vulnerability let the attacker inside the organization network and likely enabled her to gain privileged escalation or elevated access / credentials to sensitive data (i.e. customer data).

The Capital One Data theft showcases the importance of implementing a Zero-trust security model and privileged access management tools for hybrid and cloud environments. A zero-trust model is based on access control and not trusting anyone by default, even those already inside your network perimeter. It helps promote security of internal network components even if some of them are breached.

Privileged access management (PAM) tools, such as XTAM, help promote a zero-trust model inside corporate networks by limiting the access to vital resources even from devices inside the firewall. This limits the possibility of cybercriminal moving laterally inside the network.

PAM solutions do this by putting privileged credentials inside a secure vault or repository. System admins and other privileged users must go through the PAM software and be authenticated in order to access their credentials. The PAM software logs, records and monitors each session and can send alerts regarding suspicious activity.

PAM tools can control user access to cloud, hybrid or on-premise environments. Using a zero-trust approach, PAM software forces trusted users to go through the PAM solution to access corporate systems, companies can create a security perimeter across hybrid environment and effectively block malicious outsiders.

In the wake of the Capital One data breach, companies should begin implementing a zero-trust model and modern PAM tools. In fact, Gartner named PAM a top IT security project for 2019 and 2018.  This approach will help strengthen a company’s cloud, hybrid or on-premise network – even in the case of a breach.  Companies can feel confident that their infrastructure and privileged data will remain secure from threats and meet regulatory requirements.

Download Xton Access Manager

Xton Access Manager is a modern, cloud-ready approach to PAM software. An enterprise-grade solution, XTAM is designed to simplify privileged account management while limiting your risk of security breaches and regulatory issues.



Categories: Industry

Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

Related Posts


Improving OT Security

The Colonial Pipeline cyberattack brings operational technology/OT security strategies to the forefront. According to a CSO article, it’s the lack of visibility into the security status of OT systems likely forced the shutdown of their pipeline Read more…


MSPs Face Growing Cybersecurity Risks

CompuCom recently became the latest MSP hit by a cyberattack. The company estimates the attack will cost between $5 and $8 million in lost revenue and an additional $20 million in cleanup costs. For MSPs, Read more…


Fundamentals of Privileged Access Management

Having a successful privileged access management strategy is more important than ever. With cybersecurity threats on the rise, companies that control and manage privileged access reduce their risks. Yet, some companies believe privileged access management Read more…

Copyright © 2020 Xton Technologies, LLC. All rights reserved.