Get Started!

In the last 24 hours, the news has been filled with reports about the Capital One data breach that impacts 100m customers.  According to the bank, the hacker gained access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, in addition to an undisclosed number of people’s names, addresses, credit scores, credit limits, balances, and other information.

While reports do not provide the technical details of the breach, we do know that the hacker used a misconfigured application firewall. This vulnerability let the attacker inside the organization network and likely enabled her to gain privileged escalation or elevated access / credentials to sensitive data (i.e. customer data).

The Capital One Data theft showcases the importance of implementing a Zero-trust security model and privileged access management tools for hybrid and cloud environments. A zero-trust model is based on access control and not trusting anyone by default, even those already inside your network perimeter. It helps promote security of internal network components even if some of them are breached.

Privileged access management (PAM) tools, such as XTAM, help promote a zero-trust model inside corporate networks by limiting the access to vital resources even from devices inside the firewall. This limits the possibility of cybercriminal moving laterally inside the network.

PAM solutions do this by putting privileged credentials inside a secure vault or repository. System admins and other privileged users must go through the PAM software and be authenticated in order to access their credentials. The PAM software logs, records and monitors each session and can send alerts regarding suspicious activity.

PAM tools can control user access to cloud, hybrid or on-premise environments. Using a zero-trust approach, PAM software forces trusted users to go through the PAM solution to access corporate systems, companies can create a security perimeter across hybrid environment and effectively block malicious outsiders.

In the wake of the Capital One data breach, companies should begin implementing a zero-trust model and modern PAM tools. In fact, Gartner named PAM a top IT security project for 2019 and 2018.  This approach will help strengthen a company’s cloud, hybrid or on-premise network – even in the case of a breach.  Companies can feel confident that their infrastructure and privileged data will remain secure from threats and meet regulatory requirements.

Download Xton Access Manager

Xton Access Manager is a modern, cloud-ready approach to PAM software. An enterprise-grade solution, XTAM is designed to simplify privileged account management while limiting your risk of security breaches and regulatory issues.



Categories: Industry

Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

Related Posts


The Challenge of Multi-Factor Authentication and Shared Accounts

Recently, I wrote about the importance of combining multi-factor authentication (MFA) and privileged access management. According to 2018 Global Password Security Report, 45% of organizations are already using two-factor authentication (2FA) and the 451 Group Read more…


Integrating PAM with MFA

For the second year in a row, Gartner lists Privileged Access Management (PAM) as the top security project for 2019. In this CIODive article, Gartner’s Brian Reed writes that PAM projects should help organizations discover Read more…


Getting Ready for RSA Conference – 3 Security Trends to Watch

RSA Conference 2019 is less than a month away (March 4-8) and we are extremely excited to exhibit at this year’s show in the Early Stage Expo. In preparation for the event, I was looking Read more…

Copyright © 2019 Xton Technologies, LLC. All rights reserved.