A False Sense of Security: Who is Using Your Accounts

  • 10 September 2014
  • 0 replies
  • 265 views

Userlevel 7
By Travis Greene on September 10, 2014
 
With most cyber-attacks, the damage is done long before any corrective actions can be taken.
Managing identities and their access is an essential part of any security program. Yet even when identity and access is well-managed and user activity is within policy, do the credentials and the behavior make business sense? If you can’t interpret user activity with the context of identity and what is normal behavior, your organization may be living with a false sense of security, providing a significant window of opportunity for attackers.
Hard-to notice threats
Security was once focused on “walling off” sensitive data, but today’s threats follow a less linear path.
In 2009, a Gmail account belonging to a Twitter employee was compromised. Usually this wouldn’t be a corporate problem, but that personal breach was used to infiltrate the employee’s Google Apps account and other employee accounts. And remember, don’t allow yourself to criticize too harshly - file sharing using personal cloud apps is common practice.
Twitter was using Google Apps as a way to share sensitive corporate documents and information, so accessing the documents was not out of policy for the compromised user accounts. However, Twitter lacked the ability to detect abnormal activity, as the hacker gathered information for three months. It might have been longer had he not revealed his own activities as a way of highlighting concerning security practices.
 
SecurityWeek/ full article here/ http://www.securityweek.com/false-sense-security-who-using-your-accounts

0 replies

Be the first to reply!

Reply