
Many high-profile Twitter accounts including Bill Gates, Elon Musk, Apple, and others were hacked this week. The alleged hacker gained access to an internal Twitter admin tool, hijacked the accounts, and tweeted a cryptocurrency scam. This latest attack underscores the importance of access management and securing privileged credentials.

Twitter Support acknowledged the “coordinated social engineering attack” to gain “access to internal systems and tools.” Twitter says it took “significant steps to limit access to internal systems and tools” as the breach is investigated. It is also “looking into what other malicious activity they may have conducted or information they may have accessed.”

This incident highlights an issue that many companies struggle with – who should have access to certain types of resources, data, and the ability to modify it? Access management is a classic use case for privileged access management (PAM) software. It is one of the reasons PAM remains a top security project for IT leaders.

Looking at the Twitter hack, it’s not unexpected that the company has an internal tool that allows employees to access or suspend accounts. Companies need to access user accounts and data when a customer has questions or issues, or violates a code of conduct. But who can access and modify that information, and how, needs to be tightly controlled and managed to maintain security and compliance. Luckily, this can be done through privileged access strategies, a zero-trust security model, and PAM software.

Improving Access Management

Companies need to minimize the number of people with elevated privileges, introduce dual control over critical access and automate network access for users with elevated privileges. This includes rotating credentials often and ensuring user access without revealing passwords. If the user doesn’t know the password or only has a one-time credential, they cannot move laterally through a company’s network.

Companies should also maintain the principle of least privilege, which restricts access rights for users, accounts, and computers/applications to only those resources and permissions required to perform their job effectively. They should also routinely review access lists to important admin tools and data.
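The controls described in this section can be modelled in a few lines. The following is an added example, not code from the original post or from XTAM: a constructed in-memory broker that checks entitlement (least privilege), requires approval from a second person (dual control), issues a single-use, time-limited grant instead of the password, and rotates the secret after each use. All class, method and user names are hypothetical.

```python
import secrets
import time

class PrivilegedAccessBroker:
    """Constructed model: least privilege, dual control, one-time grants."""

    def __init__(self, entitled, approvers, ttl=300):
        self.entitled = set(entitled)      # only users whose job needs the tool
        self.approvers = set(approvers)
        self.ttl = ttl                     # grant lifetime in seconds
        self._secret = secrets.token_urlsafe(24)  # never returned to any user
        self._requests = {}                # request id -> (user, approvals)
        self._grants = {}                  # one-time token -> (user, expiry)
        self.audit = []                    # (event, actor), the who and what

    def request(self, user):
        if user not in self.entitled:
            self.audit.append(("request_denied", user))
            raise PermissionError("user is not entitled to this resource")
        req_id = secrets.token_hex(8)
        self._requests[req_id] = (user, set())
        self.audit.append(("requested", user))
        return req_id

    def approve(self, req_id, approver):
        user, approvals = self._requests[req_id]
        if approver not in self.approvers or approver == user:
            self.audit.append(("approval_rejected", approver))
            raise PermissionError("approver must be authorised and not the requester")
        approvals.add(approver)
        self.audit.append(("approved", approver))

    def checkout(self, req_id, now=None):
        user, approvals = self._requests[req_id]
        if not approvals:
            raise PermissionError("dual control: a second person must approve")
        del self._requests[req_id]
        token = secrets.token_urlsafe(16)
        self._grants[token] = (user, (now or time.time()) + self.ttl)
        self.audit.append(("grant_issued", user))
        return token

    def open_session(self, token, now=None):
        user, expiry = self._grants.pop(token, (None, 0))  # single use
        if user is None or (now or time.time()) > expiry:
            raise PermissionError("grant unknown, already used, or expired")
        self._secret = secrets.token_urlsafe(24)  # rotate after every use
        self.audit.append(("session_opened_secret_rotated", user))
        return user
```

The user only ever holds the grant token, so a stolen or replayed token fails after first use or expiry, and the underlying secret has already changed.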

PAM solutions like XTAM provide the tools companies need for secure access management. For example, XTAM puts elevated/privileged credentials inside a secure vault or repository. The user must go through XTAM and be authenticated to access the required resources. XTAM then logs, records, and monitors each session. Credentials and passwords are reset after each use for the highest level of security.

With XTAM you can create role-based access controls that allow IT to grant and monitor access based on a user’s activity, and only for the duration of that activity. Reporting and alerts are used to notify IT of suspicious activities and determine the who, what, where, and when.

With better access management policies in place, many companies can reduce the impact of breaches such as the one Twitter experienced. Implementing PAM for access management does not need to be complicated or expensive. XTAM is an affordable, modern PAM solution that is easy to implement and maintain. Download a free trial today.


Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.


Copyright © 2020 Xton Technologies, LLC. All rights reserved.