
Lessons learned from the Uber data breach


Uber employees last month discovered a hacker intrusion into their internal network. This was possible because the attacker announced his feat on the organization’s Slack channel, as well as sharing it with the New York Times, which brought the story about the Uber data breach to light.

This isn’t the first time a data breach has occurred at Uber. Previously, the company had to pay a fine of US$148 million due to the theft of data from 57 million users and 7 million drivers worldwide in the year 2016.

The 2016 attack further prompted the conviction of former Uber CSO Joe Sullivan for hiding data breaches and theft from authorities.

In this article, we're going to dig into the two times Uber data was breached and the lessons learned from those intrusions. To facilitate your understanding, we have divided our text into topics. They are:

 

  • How did the data breach at Uber happen?
  • How did Uber respond to the hack?
  • What was the impact for the organization?
  • Who is responsible?
  • How did the 2016 Uber data breach occur?
  • About senhasegura
  • Conclusion

Enjoy the reading!

How did the Uber data breach happen?

An attacker is believed to have purchased an Uber contractor’s corporate password on the dark web after their personal device was infected with malware, exposing their credentials.

The contractor received multiple requests for two-factor login approval and ended up releasing access to the attacker, who was able to log into the contractor's account and gain access to various tools, such as the organization's Slack.

Known as an MFA fatigue attack, this social engineering technique involves bombarding the victim’s authentication app with push notifications so that they accept and allow access to their accounts and devices.

He then posted a message on the Slack channel announcing the Uber data breach. He complained that the company's drivers are underpaid and shared screenshots showing assets he had gained access to, such as Amazon Web Services accounts and code repositories.
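The MFA fatigue pattern described above (a run of rejected or ignored push prompts, then one approval) can be detected from authentication logs. The following is an added example, not code from Uber or senhasegura; the log format, field names, user names and thresholds are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical key=value log format (not real logs).
SAMPLE_LOG = """\
2022-09-15T19:00:00Z user=bob event=mfa_push result=denied src=192.0.2.44
2022-09-15T19:30:00Z user=bob event=mfa_push result=denied src=192.0.2.44
2022-09-15T20:00:00Z user=bob event=mfa_push result=denied src=192.0.2.44
2022-09-15T20:30:00Z user=bob event=mfa_push result=denied src=192.0.2.44
2022-09-15T21:00:00Z user=bob event=mfa_push result=denied src=192.0.2.44
2022-09-15T21:00:05Z user=alice event=mfa_push result=denied src=198.51.100.20
2022-09-15T21:00:40Z user=alice event=mfa_push result=approved src=198.51.100.20
2022-09-15T21:01:10Z user=contractor01 event=mfa_push result=denied src=203.0.113.7
2022-09-15T21:01:55Z user=contractor01 event=mfa_push result=denied src=203.0.113.7
2022-09-15T21:02:30Z user=contractor01 event=mfa_push result=timeout src=203.0.113.7
2022-09-15T21:03:05Z user=contractor01 event=mfa_push result=denied src=203.0.113.7
2022-09-15T21:03:50Z user=contractor01 event=mfa_push result=timeout src=203.0.113.7
2022-09-15T21:04:20Z user=contractor01 event=mfa_push result=denied src=203.0.113.7
2022-09-15T21:05:02Z user=contractor01 event=mfa_push result=approved src=203.0.113.7
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) event=mfa_push "
    r"result=(?P<result>approved|denied|timeout) src=(?P<src>\S+)$"
)


@dataclass
class Alert:
    user: str
    severity: str      # "burst" or "burst_then_approved"
    prompts: int       # rejected/ignored prompts counted in the burst
    first: datetime
    last: datetime


def parse_line(line):
    """Return (timestamp, user, result) or None for lines that do not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    return ts, m["user"], m["result"]


def detect_mfa_fatigue(lines, window=timedelta(minutes=10), threshold=5):
    """Flag users who receive `threshold` or more rejected/ignored push
    prompts inside `window`; escalate if an approval follows the burst."""
    recent = defaultdict(deque)  # user -> timestamps of rejected/ignored prompts
    open_alert = {}              # user -> Alert for the burst still in progress
    alerts = []
    events = sorted(e for e in map(parse_line, lines) if e)
    for ts, user, result in events:
        q = recent[user]
        while q and ts - q[0] > window:   # slide the window forward
            q.popleft()
        if not q:
            open_alert.pop(user, None)    # the earlier burst has aged out
        if result == "approved":
            alert = open_alert.pop(user, None)
            if alert:
                # An approval right after a burst is the dangerous case:
                # the user may have given in to the prompt flood.
                alert.severity = "burst_then_approved"
                alert.last = ts
            q.clear()                     # a completed login resets the count
            continue
        q.append(ts)
        if len(q) >= threshold:
            alert = open_alert.get(user)
            if alert is None:
                alert = Alert(user, "burst", len(q), q[0], ts)
                open_alert[user] = alert
                alerts.append(alert)
            else:
                alert.prompts, alert.last = len(q), ts
    return alerts


if __name__ == "__main__":
    for a in detect_mfa_fatigue(SAMPLE_LOG.splitlines()):
        print(f"{a.severity}: {a.user} got {a.prompts} rejected prompts "
              f"between {a.first:%H:%M:%S} and {a.last:%H:%M:%S}")
```

A `burst_then_approved` alert is a reasonable trigger for revoking the session and forcing a credential reset, while a plain `burst` suggests the password is already in someone else's hands.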

How did Uber respond to the hack?

According to Uber’s website, its security monitoring processes allowed it to quickly identify and respond to the attack.

Their focus would have been on ensuring that the hacker no longer had access to their systems, thus protecting user data, as well as investigating the scope and consequences of the incident.

Its actions included:

  • Identify employee accounts that could be compromised and block their access to request a password reset;
  • Disable tools potentially affected by data breach at Uber;
  • Reset access to keys for internal services;
  • Prevent new code changes;
  • Require employees to re-authenticate when restoring access to internal tools, as well as strengthen policies related to multiple factor authentication (MFA); and
  • Expand monitoring of the internal environment.

What was the impact for the organization?

Also according to information released by Uber, the hacker had access to the company’s internal systems, but investigations are still ongoing. On the other hand, it was already possible to obtain some information:

  • Uber did not find access to its production systems, that is, to public-facing tools; user accounts and databases with their information;
  • The company encrypted its users’ credit card and health data, providing them with more protection;
  • It also revised its codebase, which did not point to attacker access to customer data stored in its cloud environments;
  • Apparently, the hacker downloaded internal Slack messages and information from an internal invoice management tool;
  • The attacker was also successful when he tried to join Uber’s dashboard on HackerOne, where bug reports are kept. However, the bugs he accessed have already been fixed;
  • Despite being able to keep its services running during the process, Uber had its support operations impacted due to the need to disable internal tools.


Who is responsible?

What we do know about the hacker is that he claims to be 18, did nothing to hide the Uber data leak, and likely his actions were not motivated by financial gain through espionage, extortion or ransomware.

Furthermore, he is believed to be a member of a group of cybercriminals called Lapsus$, which has already breached Microsoft, Samsung and Cisco, among other major corporations. The US Department of Justice and the FBI are investigating the case.

How did the 2016 Uber data breach occur?

The news about a data leak at Uber, which took place in 2016, also became public some time ago. At the time, cybercriminals had access to the data of 57 million users worldwide, in addition to 7 million drivers, of which 600 thousand are from the United States.

When Uber discovered the hack, it did not notify the victims. Instead, it paid a hacker to keep the fact secret. This conduct violated state law and prompted the Pennsylvania attorney general to demand changes in the organization’s corporate behavior.

In addition, Uber had to pay $148 million in a national settlement, which was distributed among the 50 states and the District of Columbia.

Another consequence was the recent conviction of former Uber CSO Joe Sullivan for obstructing Federal Trade Commission proceedings and covering up the hack. He faces up to eight years in prison on the charges.

About senhasegura

We, at senhasegura, are part of MT4 Tecnologia, a group of companies focused on digital security, founded in 2001 and active in more than 50 countries.

Our main objective is to ensure digital sovereignty and security to our contractors, granting control of privileged actions and data and preventing theft and leakage of information.

For this, we follow the life cycle of privileged access management through machine automation, before, during and after access. We also work for:

  • Avoid interruptions in the activities of the companies, which may impair their performance;
  • Automatically audit privilege usage;
  • Automatically audit privileged changes to identify privilege abuses;
  • Offer advanced PAM solutions;
  • Reduce cyber risks;
  • Bring organizations into compliance with audit criteria and standards such as HIPAA, PCI DSS, ISO 27001 and Sarbanes-Oxley.

Conclusion

In this article, we show you how a data breach occurred at Uber recently and another in 2016. If you found it interesting, share it with someone who wants to know more about this topic.


What Are the Costs Associated with a PAM Solution?

Investing in cybersecurity is indispensable for companies of all sizes and industries, since threats such as data leaks and hacking attacks generate great financial losses.

Thus, one of the most important measures in this regard is to rely on a PAM solution, which contributes to avoiding these risks through the combination of various technologies and strategies.

However, not all vendors guarantee a good cost-benefit ratio when offering this solution. In this article, we will show you what PAM costs are and why senhasegura is your best option. To facilitate your reading, we divided our text into the following topics:

  • What Is a PAM Solution?
  • Why Is PAM Necessary?
  • What Is PAM For?
  • PAM Costs: How Much Will My Company Invest to Implement the Solution?
  • Conclusion
  • About senhasegura

Enjoy the reading!

What Is a PAM Solution?

Privileged Access Management (PAM) consists of a set of tools and strategies that ensure digital security as they enable the control of privileged access in IT structures.

With this solution, one can avoid damage caused by the actions of malicious attackers and mistakes by employees who compromise privileged credentials.

PAM involves a number of strategies, but its main goal is to apply the principle of least privilege, restricting the permissions of human users or machines and providing only the necessary access to perform their tasks.

Today, many experts understand PAM is one of the key solutions to promote cybersecurity and achieve an excellent Return on Investment (ROI).

Why Is PAM Necessary?

PAM is indispensable to promoting information security and avoiding the high costs generated by a data breach.

To get a sense, Kaspersky surveyed 5,500 organizations worldwide and concluded that the average loss a company has from a violation is $551,000. When we talk specifically about small and medium-sized companies, this cost is $38,000.

Moreover, 90% of the surveyed companies had to face security-related problems and, in 46% of cases, the result was the loss of confidential data.

Forrester Research also conducted a study that revealed the damage caused by a violation. Its approach shows how this impact would occur. Check it out:

  • Costs with professionals for damage repairs;
  • Management of the impact on the brand through the public relations service;
  • Costs for notifying customers of the breach;
  • Lawyers’ fees that deal with legal impacts;
  • Payment of legal agreements;
  • Expenses with the repair of damages caused to customers;
  • Penalties and fines;
  • Downtime of activities with loss of productivity; and
  • Reduction in share prices.

Preventing cyber threats is an excellent way to avoid data breach losses, but what would be the amount of these risks? Most cybersecurity managers indicate that in order to have this answer, it is necessary to multiply the probability of an incident by the financial loss it can cause.

In practice, the data covered in this topic show us that PAM costs are significantly lower than the financial impact caused by invasions, provided that the appropriate vendor is chosen.

What Is PAM For?

As mentioned earlier, PAM consists of a set of technologies that allows one to control and monitor the actions of privileged users, whether human or machine.

These users can interact with critical systems, being able to delete accounts, erase or modify data, configure a firewall, and install and uninstall software.

Through PAM, one can prevent the misuse of privileged access, limiting permissions to what is necessary to perform tasks and avoiding financial losses caused by insider or external threats.

In practice, PAM has several capabilities, such as preventing privileged users from requiring local passwords and centrally managing access to heterogeneous systems.

In this way, one can prevent the actions of malicious attackers from succeeding and, if violations occur, they will be detected immediately, preventing hackers from remaining in a system for a long period without anyone noticing.


PAM Costs: How Much Will My Company Invest to Implement the Solution?

With the increase in the number of cyberattacks, it is essential to invest in digital security measures, such as PAM. However, just considering the price of the solution deployment software does not guarantee the best cost-benefit for your company.

This is because this service involves additional costs that are usually hidden, and make up a sum known as Total Cost of Ownership (TCO).

Several factors directly influence the calculation of the TCO, and the good news is that we, from senhasegura, offer our customers the best TCO on the market.

The first PAM costs you should note are related to its licensing. In this regard, the following capabilities are considered:

  • Account discovery and activation;
  • Integration with adjacent systems;
  • Ease of deployment and scalability;
  • Just-in-time methods;
  • Records and reporting;
  • Privileged access governance;
  • Privileged credential management;
  • Elevation and delegation of privileges;
  • Privileged session management;
  • Privileged task automation; and
  • Secrets management.

Ideally, there should be a platform that encompasses all use cases. Thus, the customer does not need to acquire numerous solutions, which increases PAM costs. We, from senhasegura, offer integrated modules, which meet the needs considered by Gartner.

In addition, our solution has maximum scalability, allowing new modules to be easily added to the PAM implementation without requiring major investments in deployment and training.

When investing in a PAM solution, it is also critical to take infrastructure costs into account. Many vendors require complex, costly structures due to the need for additional virtual machines such as password vaults and web servers.

We offer PAM in virtual machine format, with these components already embedded in the solution. We also offer an advanced hardware solution, called PAM Crypto Appliance, with the following features:

  • Protection against physical tampering with the device;
  • Protection of the encryption key in hardware;
  • Asymmetric key storage;
  • Embedded HSM;
  • TPM module; and
  • Redundant power supply and hard drives.

PAM Crypto Appliance simplifies the solution deployment process and enables one to achieve compliance with security and performance requirements. In one of the senhasegura deployments, while one of our main competitors needs 64 servers, our solution only needs six, reducing the time and complexity of implementation and also PAM costs.

Another factor to be considered when checking PAM costs is the need to hire Professional Services to set, customize, configure, and update a PAM solution, which increases additional costs and can be avoided by opting for senhasegura.

Moreover, with senhasegura, your company spends less on support technologies, since the additional software required is already embedded in the solution.

Finally, it is necessary to calculate operating expenses to predict PAM costs, once again, taking into account the training time of the team and managers, which can be reduced with the use of our tool.

Conclusion

In this article, you saw that:

– PAM refers to a set of tools and strategies that ensure cybersecurity;
– Its main goal is to guarantee the principle of least privilege, restricting privileged access in IT structures;
– This technology allows avoiding and reducing damage caused by the action of hackers and human failures, which compromise the security of privileged credentials;
– With PAM, one can avoid major losses generated by data breaches;
– To know how much your company will spend with the implementation of this solution, you need to take into account a number of factors that directly impact PAM costs;
– We have also shown you the reasons why senhasegura is the PAM solution that has the best cost-benefit ratio for your company.

About senhasegura

We, from senhasegura, are part of the group of information security companies MT4 Tecnologia, founded in 2001. Our goal is to provide digital sovereignty to our customers through the control of privileged actions and data.

Our work includes:

– Optimizing the performance of companies, avoiding interruption of operations;
– Performing automatic audits on the use of permissions;
– Auditing privileged changes to detect abuse of privilege automatically;
– Providing advanced solutions with the PAM Security Platform;
– Reducing cyber threats; and
– Bringing the organizations that hire us into compliance with audit requirements and standards such as PCI DSS, Sarbanes-Oxley, ISO 27001, and HIPAA.

Do you want to ensure your company’s digital security with our PAM solution? Contact us.


Why Should You Participate in the Cybersecurity Awareness Month


For some time now, the cybersecurity aspect has not been restricted to the environment of large organizations. Malicious attackers have been targeting their criminal activities on companies and individuals every day, greatly increasing cyber risks. In this case, the main motivations of these agents are to improperly steal personal and sensitive data, modify settings on devices, and gain unauthorized access through privileged credentials. And with cyber risks increasingly associated with business risks, the consequences of phishing or ransomware attacks can be disastrous for any company.

For these reasons, since 2003, October has been established as the month of cybersecurity awareness in places like Europe and North America. This initiative was conceived through a partnership between governments and the private sector, to increase the level of awareness regarding digital security and empower individuals and organizations to protect their data from the action of digital criminals. And when it comes to cybersecurity, small actions can make a huge difference in ensuring digital sovereignty over data.

According to Verizon’s 2022 Data Breach Investigations Report, 82% of cyberattacks involved the human aspect. This is because it is useless for organizations to increase their cybersecurity budgets and invest in state-of-the-art cybersecurity solutions without addressing the weakest link in the chain: people. Yes, cybersecurity may seem like a complex issue, but at the end of the day, it is all about people.

Precisely for this reason, the Cybersecurity and Infrastructure Security Agency (CISA) in the United States has elected the theme “See Yourself in Cyber” for the cybersecurity awareness month campaign in 2022. This year, the American campaign focuses on four user behaviors that can make a big difference between being a victim of a cyberattack and not.

They are as follows:

Enable Multi-Factor Authentication (MFA)

MFA adds a layer of security to the user authentication process, and is one of the simplest methods of increasing the level of cybersecurity. For this, the user is required to combine two or more forms of identity verification. This can be through something the user knows (a password), something associated with who they are (such as biometrics), or something they have (such as an access token).

Use Strong Passwords and a Password Manager

Using a strong password makes it very difficult for malicious agents to guess the password or carry out brute-force attacks. However, it is worth remembering that, if the user uses the same strong password in several services, they may still be the victim of an attack called credential stuffing. In this type of attack, an attacker uses a leaked password from one service to perform an attack attempt on another service the user has access to. Therefore, to further increase the level of security, it is recommended that users use password generation and management solutions, including Privileged Access Management (PAM) tools.

Upgrade Software

Malicious agents try to exploit vulnerabilities in device operating systems such as computers, tablets, and smartphones every day. This is not surprising, considering that these devices store a huge amount of information from people and organizations, such as their online habits as well as personal and financial data. Thus, enabling automatic updating mechanisms to keep your devices’ software up-to-date is an effective way to protect yourself against financial, data, and credential theft.

Recognize and Report Phishing

Who does not know someone who has been the victim of a phishing attack? In this type of cyberattack, attackers use emails, social media posts, or messages to trick the user into clicking a link or downloading a malicious file. When this occurs, the user may allow the attacker to steal the data stored on the devices or even encrypt data, preventing access by the victim until a ransom amount is paid. In this case, it is important not to click on any link (including an unsubscribe button) or open attachments until the veracity of the message can be verified. If a phishing attempt is detected, the user must delete the message immediately and report the attempt to the respective provider.

In Europe, the European Union Agency for Cybersecurity (ENISA) is organizing the tenth edition of the cybersecurity awareness month together with the European Commission and member states. In 2022, the themes of the campaign in the European Union are phishing and ransomware, subjects in common with the American campaign.

Moreover, through the campaign’s official website (https://cybersecuritymonth.eu/), one can have access to a series of materials and resources that address the topic of cybersecurity. These resources include blog articles and rich content, as well as tests to verify user knowledge of cybersecurity, and a help session with frequently asked questions about the subject.

Here at senhasegura, it is no different: throughout October, we will offer exclusive content on the subject of cyber awareness. This content includes tips on how to create an efficient cybersecurity awareness campaign, as well as topics that should be present in these campaigns. In addition, we have content presenting what solutions should be implemented in companies to increase the level of cybersecurity and a webinar describing what Information Security leaders should do if they are victims of a cyberattack.

If you want to raise your level of cybersecurity awareness and reduce the risks of a cyberattack, you should not miss anything about our campaign! Don’t be left out!


Applying Zero Trust to PAM

The implementation of the Zero Trust-based security model has gained space in recent times, promoting the default approach of never trusting, and always checking before granting access to a company’s perimeter.

This practice is extremely important to ensure cybersecurity, especially in the context of remote work, with employees having access to the resources of the company from any environment and device.

Therefore, we prepared this article exploring the concept of Zero Trust and explaining its relationship with PAM tools. To facilitate your reading, we divided our text into topics. They are as follows:

  1. What Is the Concept of Zero Trust?
  2. What Are the Top Three Aspects of Zero Trust?
  3. What Is Its Importance?
  4. What Are the Advantages of this Approach?
  5. How to Implement this Security Model?
  6. Evolution of Zero Trust
  7. About PAM
  8. Zero Trust and PAM: How to Apply the Concept of Zero Trust in Privileged Access Management?
  9. About senhasegura
  10. Conclusion

 

Enjoy the reading!

 

What Is the Concept of Zero Trust?

Never trust, always check. This is the motto used in the Zero Trust cybersecurity model. According to this concept, it is recommended to grant minimum privileged access, after verifying who the requester is, what is the context of the request, and the risk offered by the access environment.

In this way, one can protect work environments, such as cloud technologies, SaaS, DevOps, and robotic automation, reducing the attack surface and the costs for organizations.

In practice, the Zero Trust security model recommends all users be verified before gaining access to a particular system in order to protect it from external attacks, malware, and insider threats.

That is, they must be authenticated, authorized, and validated continuously before receiving access to applications and data and during the access.

To apply the concept of zero trust, advanced technologies are used, including IAM (Identity and Access Management), multi-factor authentication, identity protection, and endpoint security.

One also needs to promote data encryption, email protection, and verification of asset and endpoint hygiene to connect to apps. 

 

What Are the Top Three Aspects of Zero Trust?

The Zero Trust security model is based on three aspects, which must be considered by organizations. They are as follows:

 

  • Policies

To ensure digital security through the Zero Trust security model, it is critical to create and implement strict security controls, ensuring access to IT environments only for certain people in specific circumstances.

 

  • Automation

Through automation, it is possible to implement the concept of Zero Trust, avoiding human failures and correcting any deviations immediately.

 

  • Visibility

To protect IT devices and assets, it is imperative to identify and monitor them. After all, it is impossible to protect what is not managed, and it is impossible to manage what is not known. That is, to properly protect your infrastructure, you need to know what equipment the company has or has access to.

 

What Is Its Importance?

Companies around the world face problems related to insider threats, generated by third parties or even by errors, accidental or not, committed by employees and former employees.

Thus, giant corporations, such as Google, started to adopt the security model based on Zero Trust, since the old model “trust, but verify”, proved to be insufficient to guarantee digital security. 

In 2015, the U.S. Office of Personnel Management experienced cyberattacks, which motivated the House of Representatives to suggest the adoption of Zero Trust by government institutions. This is because adopting the concept of zero trust ensures effective control of networks, applications, and data. 

Thus, in 2021, President Joe Biden signed the Executive Order for Improving the Nation’s Cybersecurity. This order considers the implementation of Zero Trust-based policies in all agencies of the American government. 

Another important reason to join the security model based on Zero Trust is the possibility of providing digital security to remote work. 

 

What Are the Advantages of this Approach?

As you have seen, adopting the concept of Zero Trust is essential to provide cybersecurity to organizations nowadays. Among its benefits, we can highlight:

  • Superior risk mitigation by reducing the attack surface and controlling lateral movement in the network;
  • Enhanced digital security and support for mobile and remote employees;
  • Defense of applications and data, regardless of whether they are on-premises or in the cloud;
  • Strong protection against advanced threats, such as Advanced Persistent Threats (APTs).

Finally, Zero Trust-based security allows one to segment the network by identities, groups, and roles, helping to contain cyber threats and reduce potential damage. 

 

How to Implement this Security Model?

The implementation of the Zero Trust-based security model requires that the accesses requested are proven to be reliable. For this, it is essential to:

 

  • Classify Data

The first step in implementing this security model in your company is to segregate and assign value to the data to be accessed, defining who can access it and how, according to its classification (secret, confidential, internal, or public) and urgency. 

 

  • Monitor Network Environments

To detect irregularities, it is extremely important to know the traffic and how the information is shared.

 

  • Map Risks

Another essential measure is to map the external and internal risks to which the systems are exposed. 

 

  • Officialize the Use of the Approach

It is also essential to adapt policies, procedures, manuals, and other documents to the Zero Trust security model, making the adoption of this approach official. 

 

  • Identify Accesses

Finally, it is absolutely essential to understand the types of users on the network, their roles, and the type of access they have. With this, one can authenticate them, ensuring a high level of security.

 

Evolution of Zero Trust

The concept of Zero Trust emerged in 2010, as an expression coined by Forrester, which was synonymous with the micro-segmentation security approach and related to the creation of secure zones in data centers and cloud solutions used to individually protect workloads. 

This approach has become useful as traditional security mechanisms have proven inefficient in the face of technologies such as cloud computing, virtualization, and mobile devices.

Before that, companies had been building walls around their sensitive data, which used to be transmitted through physical devices or from an internet access point, protecting, monitoring, and controlling that information. 

In practice, it is possible to protect physical devices by managing systems and antivirus. However, the in-depth approach proved to be insufficient for IT services performed outside the security perimeter. 

For this reason, providers of digital security-related products and services have been adhering to the Zero Trust-based security model since 2010, including all types of cyber solutions.

More recently, Forrester published its annual report “The Forrester Wave: Zero Trust eXtended (ZTX) Ecosystem Providers, Q4 2018”, defining seven controls considered basic principles of this approach. They are as follows: 

  • Network Security;
  • Device Security;
  • Identity Security;
  • Application Security;
  • Data Security;
  • Security Analysis; and
  • Security Automation. 

Gartner has proposed the Continuous Adaptive Risk and Trust Assessment (CARTA) approach, which also brings seven principles, with zero trust being its first one. This concept is related to the balance between risk and trust, considering the confidence needed to gain access to high-value assets.

 

About PAM

In general, organizations rely on sensitive data and digital assets that should not be accessed by all users at the risk of leaks generated by human failures or even the action of hackers, who capture authorized accounts to move through the network.

To avoid this type of problem, it is recommended to use Privileged Access Management (PAM), a digital security tool that makes it possible to reduce the privilege of users to the minimum necessary to perform their tasks. 

In short, PAM allows one to store and save credentials of authorized users on the network and manage their accounts, recording their activities and granting access only if they provide an explanation. 


Zero Trust and PAM: How to Apply the Concept of Zero Trust in Privileged Access Management?

Associated with the concept of Zero Trust, a PAM solution provides digital security for companies. Its job is to promote centralized access management through the control, storage, segregation, and tracking of credentials with access to the IT environment.

Thus, one can make sure the access is actually being made by a user and they are allowed to access that environment.

The main features of PAM that allow organizations to apply Zero Trust practices are:

  • Credential Management

With Zero Trust and PAM, you can define administrators and user groups by stipulating their accesses and permissions and managing the full cycle of their credentials.

 

  • Segregation of Access

This solution also allows you to isolate critical environments and detect suspicious activities, avoiding problems arising from unauthorized access.

 

  • Approval Workflows

PAM access requests are easy to configure and make it possible to comply with multilevel approval flows and validate explanations provided by the requesters. 

 

  • Behavior Analysis

Another feature of PAM that optimizes the Zero Trust security model is the monitoring of user actions, which allows identifying and responding to changes in their behavior patterns and access profiles. 

 

  • Unauthorized Access

PAM also allows denying access to users who are outside the company’s policies, for example, using the password of a credential not managed by the solution. 

 

  • Action Analysis

PAM also analyzes activities performed by users and generates alerts that allow inappropriate actions or fraud to be detected. 

 

  • Session Blocking

Finally, whenever there is suspicious activity, the administrator can block the user session in IT environments or operating systems. 
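The checks described in the list above (segregation of access, managed credentials, approval workflows with a justification) can be combined into one deny-by-default decision, using the classification levels from the "Classify Data" step. This is an added example, not senhasegura code; the policy tables, field names, and thresholds are hypothetical.

```python
from dataclasses import dataclass, field

# Classification levels named in the article, least to most sensitive.
LEVELS = ["public", "internal", "confidential", "secret"]

# Hypothetical policy: approvals required per classification, and which
# environments each role may reach (segregation of access).
APPROVALS_REQUIRED = {"public": 0, "internal": 0, "confidential": 1, "secret": 2}
ROLE_ENVIRONMENTS = {"dba": {"db-prod", "db-test"}, "developer": {"db-test"}}

@dataclass
class AccessRequest:
    user: str
    role: str
    environment: str
    classification: str
    credential_managed: bool          # is the credential stored in the vault?
    justification: str = ""
    approvers: set = field(default_factory=set)

def evaluate(req):
    """Deny by default: return (granted, list of reasons for denial)."""
    reasons = []
    if req.classification not in LEVELS:
        reasons.append("unknown data classification")
    if req.environment not in ROLE_ENVIRONMENTS.get(req.role, set()):
        reasons.append("role not allowed in this environment")
    if not req.credential_managed:
        reasons.append("credential is not managed by the PAM solution")
    # Unknown classifications get an unreachable approval count.
    needed = APPROVALS_REQUIRED.get(req.classification, 99)
    if needed > 0 and len(req.justification.strip()) < 10:
        reasons.append("missing or too short justification")
    # A requester cannot count as an approver of their own request.
    valid_approvers = req.approvers - {req.user}
    if len(valid_approvers) < needed:
        reasons.append(f"{len(valid_approvers)}/{needed} approvals")
    return (not reasons, reasons)

if __name__ == "__main__":
    # Constructed sample request: self-approval on secret data is rejected.
    req = AccessRequest("alice", "dba", "db-prod", "secret", True,
                        "Rotate expiring TLS certificate", {"alice", "bob"})
    print(evaluate(req))
```

Every failed check is collected rather than stopping at the first one, so the denial record shows the full gap between the request and the policy.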

 

About senhasegura

senhasegura PAM allows you to securely manage generic and privileged credentials, ensuring protected storage, access segregation, and usage traceability.

With this, PAM enables organizations to adopt Zero Trust and respect the strictest access controls to privileged credentials in an automated and centralized manner, preventing cyberattacks and leaks of sensitive information. 

Check out some benefits of senhasegura PAM for your company:

  • Control of misuse of privileges;
  • Securely-coded password management;
  • Protection against insider threats and theft of critical data;
  • Monitoring and recording of activities performed during privileged sessions;
  • Automatic password reset, or reset based on an established schedule; and
  • Simplified generation of audit reports from a central audit data repository.

 

Conclusion

In this article, you saw that:

  • The Zero Trust security model recommends never trusting and always checking;
  • This means that, before granting privileged access, it is necessary to verify who the requester is, the context of their request, and the risks offered by the access environment;
  • This measure makes it possible to protect IT environments from external attacks, malware, and insider threats;
  • Advanced technologies are used to apply the concept of zero trust;
  • The Zero Trust security model is based on three aspects: policies, automation, and visibility;
  • Large corporations, such as Google, use this concept in their practices;
  • Improved digital security for mobile and remote teams is one of the top benefits generated by the Zero Trust-based security model;
  • To implement this security model, one must classify data, monitor network environments, officialize the use of the approach, and identify accesses;
  • The concept of Zero Trust emerged in 2010 and has evolved until now;
  • PAM is a solution that allows reducing the privilege of users to the minimum necessary to perform their tasks;
  • Associated with the concept of Zero Trust, PAM ensures digital security for companies, promoting centralized access management through the control, storage, segregation, and tracking of credentials with access to the IT environment.

Do you want to learn how Zero Trust and PAM can contribute to your company’s digital security? Contact us. 


How to Apply Account Lifecycle Management?


In this article, we will show you how account lifecycle management works through best practices and what the advantages of investing in the senhasegura PAM solution are.

Our text is divided by topics. They are as follows:

  1. What Is Account Lifecycle and Its Management?
  2. How to Apply Account Lifecycle Management: Good Practices
  3. About senhasegura
  4. Conclusion

Enjoy the reading!

 

  • What Is Account Lifecycle and Its Management?

When a company hires a new employee or service provider, they need access to essential resources to perform their job. Moreover, some operations are performed by non-human users by accessing systems, IoT devices, API keys, and SSH keys, among other technologies.

As the number of remote employees with cloud access increases and IT structures become more complex, it is indispensable to have account lifecycle management for privileged accounts.

In practice, this means establishing processes divided into creation, revision or updates, and deactivation, following each user’s schedule.

 

  • How to Apply Account Lifecycle Management: Good Practices

When using account lifecycle management, it is essential to adopt a step-by-step approach that will provide more digital security for your company. The steps are:

 

Provisioning

The creation of new human or non-human users must respect the principle of least privilege, which grants only the necessary access for them to perform specific tasks.

This should be observed whenever the company provides privileges to new employees, vendors, and service providers.

 

Revision

The levels of access to confidential information must be kept adequate whenever it is necessary to change the privileges of human users.

Only in this way can one guarantee the appropriate access of users during the account lifecycle.

Moreover, it is essential to revoke access whenever an employee is no longer on the staff or a provider ceases to provide services.

 

Privilege Control

It is very common for permissions to accumulate over time, causing human users to have more access than they need to perform their tasks.

This type of situation is often exploited by hackers, who compromise accounts, increase privileges, and invade networks without being identified. Therefore, the scope of privileges must be controlled.

 

De-provisioning 

It is necessary to perform account de-provisioning whenever an employee leaves or is fired from the company.

In this way, the risk of unauthorized and malicious access can be reduced. It is also critical to do the same for machine identities associated with service accounts. 
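The revision, privilege control, and de-provisioning practices above can be checked by reconciling the account inventory against the HR roster and a least-privilege baseline per role. This is an added example, not senhasegura code; the roster, accounts, roles, and permission names are constructed sample data.

```python
from datetime import date

# Hypothetical least-privilege baseline: permissions each role needs.
ROLE_BASELINE = {
    "dba": {"db:read", "db:write"},
    "support": {"tickets:read", "tickets:write"},
}

# Constructed sample data: HR roster and account inventory.
ROSTER = {
    "ana": {"role": "dba", "end_date": None},
    "bruno": {"role": "support", "end_date": date(2024, 3, 1)},
}
ACCOUNTS = [
    {"name": "ana", "kind": "human", "owner": "ana", "enabled": True,
     "permissions": {"db:read", "db:write", "tickets:write"}},
    {"name": "bruno", "kind": "human", "owner": "bruno", "enabled": True,
     "permissions": {"tickets:read"}},
    {"name": "svc-backup", "kind": "service", "owner": "bruno", "enabled": True,
     "permissions": {"db:read"}},
    {"name": "svc-legacy", "kind": "service", "owner": "carla", "enabled": True,
     "permissions": {"db:read"}},
]

def audit(accounts, roster, today):
    """Return (account, finding) pairs for lifecycle violations."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already de-provisioned
        owner = roster.get(acct["owner"])
        if owner is None:
            findings.append((acct["name"], "orphaned: owner not in roster"))
            continue
        if owner["end_date"] is not None and owner["end_date"] <= today:
            # Covers human accounts and the machine identities they own.
            findings.append((acct["name"], "de-provision: owner has left"))
            continue
        if acct["kind"] == "human":
            # Privilege creep: permissions beyond the role's baseline.
            extra = acct["permissions"] - ROLE_BASELINE.get(owner["role"], set())
            if extra:
                findings.append(
                    (acct["name"], "privilege creep: " + ", ".join(sorted(extra))))
    return findings

if __name__ == "__main__":
    for name, finding in audit(ACCOUNTS, ROSTER, date(2024, 6, 1)):
        print(f"{name}: {finding}")
```

Service accounts are tied to a human owner here so that a departure also surfaces the machine identities that person was responsible for.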

 

About senhasegura

We at senhasegura are part of the MT4 Tecnologia group, created in 2001 to promote cybersecurity to our customers.

Currently, we are present in 54 countries, providing organizations with control of privileged actions and data in order to avoid the action of malicious users and data leaks. 

For this, we have the only PAM solution in the market to offer a 360-degree approach, covering the entire lifecycle of privileged access. 

Here are the main benefits of applying PAM in your company:

 

Elimination of Manual Tasks

Manual tasks overwhelm IT administrators and increase the chances of human error. However, with PAM, one can automate repetitive activities so that professionals focus on more important and strategic tasks, ensuring greater productivity.

 

Compliance With Security Requirements

The application of the principle of least privilege through PAM and the de-provisioning of users are measures that guarantee compliance of companies with security requirements, such as the HIPAA, PCI-DSS, GDPR, and NIST standards.

 

Elimination of Operational Silos

Account lifecycle management can be quite complex when it involves managing identity silos in applications and environments. With PAM, you can end this problem in your company and ensure more efficient management of users, computers, contacts, and groups.

 

Integration of Functions

PAM allows you to integrate critical applications so that IT management can be done from a single tool, making it easier for IT administrators to control account lifecycle management.

 


Conclusion

By reading this article, you saw that:

  • Account lifecycle management is related to the creation, revision or update, and deactivation of users of an IT system;
  • Good practices related to account lifecycle management involve the provisioning, upgrades, privilege control, and de-provisioning of human users or machines;
  • The senhasegura PAM solution provides a 360-degree approach, covering the entire lifecycle of privileged access;
  • This technology brings several advantages, such as eliminating manual tasks, which allows for more productivity; ensuring compliance with strict protection requirements; eliminating operational silos; and integrating functions.

Do you want to apply account lifecycle management efficiently? Contact us and invest in our PAM solution. 

 
