One of the most concerning trends for 2016 seems to be "Another day, another healthcare data breach." Breaches are becoming an all too regular occurrence and not just among healthcare providers. Retailers, credit and financial institutions, entertainment giants, and even governmental agencies are falling prey to the hackers, and in many cases are allowing access to very private customer data, at an alarming rate.
Quick. Think fast! Which industry is the most under attack by cybercriminals?
If you guessed the financial sector, which has historically been the most targeted industry, then it’s time to update your understanding of today’s cybersecurity threats because retail has taken the top spot, according to 2016 NTT research.
Recently, one of our RapidIdentity customers ran into a conundrum. While the customer heavily uses RapidConnect to synchronize their various application and authentication identity sources, they awoke to a mass Email stating that during their morning provisioning the displayName attribute on every user in their environment was changing!
Compliance with the Payment Card Industry Data Security Standard (PCI-DSS) alone does not ensure security against data breaches and stolen payment card records. Even the PCI-DSS website defines the standard’s priorities as helping:
In past posts, we’ve talked about how evolving business and threat landscapes have necessitated more robust, modern, and integrated Identity and Access Management (IAM) solutions. The reality for organizations today is that the weakest link in deterring security threats, such as system breaches and data theft, are employees themselves. Whether intentionally or unintentionally, employee data leaks are startlingly common and can have devastating effects on an organization.
The easiest way to show success is through tangible measurement. When you roll out a new project or implement a new system, you can say that you think it’s working, but without evidence, you really can’t be sure. That is why metrics are so important to a business. Metrics enable an organization to know if productivity is up or if costs are down. They can also measure whether security has improved and identify opportunities to enhance processes. These reasons are precisely why it is so crucial to track identity and access management (IAM) metrics.
Information technology teams tend to have a lot on their plate in terms of installing, maintaining, and protecting various systems throughout the enterprise. The larger the environment, the darker the cloud that tends to loom overhead when it comes to managing even trivial tasks, such as installing management agents or antivirus and keeping them up-to-date. Typically, this is due to the fact that there simply aren’t enough hands on the team, nor hours in the day, to touch dozens or hundreds of machines in disparate datacenters.
Now that we’ve covered the business and technology trends and the evolving regulatory and budgetary challenges driving the need for a modern, robust IAM solution in the enterprise, it’s time to look at how they all fit together in an IAM upgrade pitch to your CIO.
From the massive Target data breach in 2013 to the Wendy's, UC Berkeley, IRS, and U.S. Department of Justice breaches of 2015 and 2016, today's enterprise exists in a security minefield in which a single misstep could lead to a massive breach and public blowout. As IT departments shutter and make sure to shore up their perimeter security, unfortunately, many overlook the fact that it was actually legitimate user credentials that were used in most 2016 data breaches, with some 63% being the result of weak, default, or stolen passwords, according to the new Verizon Data Breach Investigations Report (DBIR). These results drive home the point that passwords are the weakest link in the security chain and malicious intruders know it.
current_page_num+2: 16 -
