How to mitigate the next ‘would-be’ data breach with identity
17 December 2018
Mark McClain, CEO and Founder, SailPoint, highlights the dangers of orphaned accounts for both consumers and businesses and explains what enterprises can do to avoid the horrors of facing a data breach.
Today’s online world functions on the premise of a value exchange. To purchase, view and sometimes comment on content, we’re often asked to input personal data which can be as little as our email addresses to as sensitive as our credit card information.
Unsurprisingly, a majority of British consumers (57 per cent) are concerned about how much personal data they have shared online. To make matters worse, we’re seeing data breaches frequently hit the headlines, with companies such as Quora coming under the spotlight for leaking consumer information and facing significant financial penalties as a result. In fact, our research shows that the average cost of dealing with a breach is almost £700,000 per company, per breach.
Concerningly, recent hacks like the Quora data breach have revealed that many consumers have lost track and are unsure of where they’ve previously shared their personal details or even what user accounts they have. And this uncertainty around data sharing and user accounts isn’t exclusive to consumers, but common with enterprise users, as well.
With the holiday season fast approaching, retailers will see a higher turnover of staff – and with it, an increase in employee accounts/logins. While seasonal workers are needed to deal with heightened consumer demands, this resource can come with a hidden danger which is often left undetected – that of orphaned accounts (dormant accounts of former employees), which often occurs after seasonal workers depart.
This issue certainly isn’t exclusive to retail companies, however, but is an issue that any organisation must address as they manage all of their digital identities and their access as they join, move or leave the organisation.
Also of interest: What’s the most effective way of reducing password theft?
The dangers of stolen user credentials
Orphaned accounts occur when user logins remain open but are no longer in use. With careers now being a varied picture of seasonal jobs, promotions, career changes, and side-steps, enterprise security groups sometimes struggle to keep up, and stolen employee credentials have become a significant threat to many businesses, as a result. Should a hacker gain access to a user account (orphaned or otherwise), they’ll have ‘legitimate’ access to sensitive business information and applications that the actual user had previously.
It seems obvious, but it is vital that companies can answer the question of who has access to what business applications and data and whether or not they should have that access.
In many cases, permanent employees may still have their former access privileges long after they have left the company, while internal moves (either through promotion, or horizontally within the organisation) can leave workers with inappropriate or unnecessary access to data and systems. This multiplies the opportunities for criminals who are increasingly targeting user accounts to gain entry into an organisation.
And it’s not just employees that organisations have to contend with. Today’s business operations rely on other users within the enterprise beyond employees, including contractors, business partners and even software bots – and these users can sometimes operate far outside of the traditional corporate firewall.
Keeping up with these users and their access is incredibly complex for IT teams and becomes even more so when you think about the number of organisational changes that happen on a daily basis. It is the failure to effectively manage these changes which leaves the door open for hackers.
It is, therefore, imperative that organisations consider the slew of digital identities that make up the enterprise as the new ‘security perimeter’. Governing this perimeter should be a number one priority for businesses today.
Also of interest: Understanding the role of the Data Protection Officer
Safeguarding the ‘security perimeter’ with identity governance
At the end of the day, the risk of unauthorised access cannot be completely eradicated, which is where identity governance comes in. It helps organisations compare who currently has access to what with who should have access to what. This allows IT teams to identify application and data access and usage behaviours that are outside of what is normal or necessary for the users’ role at the company.
Identity governance helps IT teams manage and govern access for all of their organisation’s digital identities, including helping them to identify orphaned accounts or users with access they no longer need to do their jobs. Governing access throughout a user’s career and, importantly, revoking that access after it’s no longer needed, helps to eliminate the risk of stolen, seemingly legitimate user credentials.
It might be tempting to overlook the risks and postpone the implementation of vital protective technologies such as identity governance, but the financial and reputational costs of data breaches should be incentive enough for organisations to adopt a proactive mindset when it comes to governing identities and their access to sensitive data.
By implementing an identity governance platform that can adapt to regulatory changes and rapidly developing threats, organisations can protect not only their sensitive data, but also their brand reputation – which, in the long run, will make or break an organisation.