Book Demo!

In the last 24 hours, the news has been filled with reports about the Capital One data breach that impacts 100m customers.  According to the bank, the hacker gained access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, in addition to an undisclosed number of people’s names, addresses, credit scores, credit limits, balances, and other information.

While reports do not provide the technical details of the breach, we do know that the hacker used a misconfigured application firewall. This vulnerability let the attacker inside the organization network and likely enabled her to gain privileged escalation or elevated access / credentials to sensitive data (i.e. customer data).

The Capital One Data theft showcases the importance of implementing a Zero-trust security model and privileged access management tools for hybrid and cloud environments. A zero-trust model is based on access control and not trusting anyone by default, even those already inside your network perimeter. It helps promote security of internal network components even if some of them are breached.

Privileged access management (PAM) tools, such as XTAM, help promote a zero-trust model inside corporate networks by limiting the access to vital resources even from devices inside the firewall. This limits the possibility of cybercriminal moving laterally inside the network.

PAM solutions do this by putting privileged credentials inside a secure vault or repository. System admins and other privileged users must go through the PAM software and be authenticated in order to access their credentials. The PAM software logs, records and monitors each session and can send alerts regarding suspicious activity.

PAM tools can control user access to cloud, hybrid or on-premise environments. Using a zero-trust approach, PAM software forces trusted users to go through the PAM solution to access corporate systems, companies can create a security perimeter across hybrid environment and effectively block malicious outsiders.

In the wake of the Capital One data breach, companies should begin implementing a zero-trust model and modern PAM tools. In fact, Gartner named PAM a top IT security project for 2019 and 2018.  This approach will help strengthen a company’s cloud, hybrid or on-premise network – even in the case of a breach.  Companies can feel confident that their infrastructure and privileged data will remain secure from threats and meet regulatory requirements.

Download Xton Access Manager

Xton Access Manager is a modern, cloud-ready approach to PAM software. An enterprise-grade solution, XTAM is designed to simplify privileged account management while limiting your risk of security breaches and regulatory issues.

 

 

Categories: Industry

Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

Related Posts

Industry

Can I use Microsoft Local Administrator Password Solution for privileged management?

Lately, we have received questions about using Microsoft Local Administrator Password Solution (LAPS) to manage local administrative privileges. With more employees working remotely these days, companies are looking for ways to boost their security posture Read more…

Industry

Protecting PII and Personal Data During a Pandemic

Regardless of the business you are in, you likely must adhere to some government guidelines or regulations (HIPAA, GDPR, Sarbanes-Oxley, PCI DSS, ISO/IEC 27002 controls, etc.) regarding how you store, use and secure information. This Read more…

Industry

5 Reasons MSPs Need PAM Software

It is a busy time for managed service providers. Many small and medium-sized companies just don’t have the resources in-house to manage all their IT, security, remote access and cloud requirements. Outsourcing IT and cybersecurity Read more…

Copyright © 2020 Xton Technologies, LLC. All rights reserved.