Claude Mandy, Chief Evangelist at Symmetry Systems
The Halloween season is filled with fear of ghosts and goblins, but it’s not only these spooky creatures that should cause concern. The digital world can feel like it has a few monsters of its own – malicious actors and sinister threats lurking in the shadow data. As more organizations adopt cloud and other on-demand computing services, the fear surrounding these threats continue to increase. To keep these threats at bay and their data safe, organizations need to know where their data is, who has access to it, how it is being used and whether it’s safe.
Rather than fill this holiday with more dread and foreboding, we want to use it to bring attention to these ever-evolving threats and empower organizations to better protect their personal data. Here, we will unveil some of the monsters and myths of the cyber world that may be haunting organizations, and will offer practical guidance and best practices on how to unmask them and keep data safe.
Zombie Accounts Linger with Access
There are often cases across organizations where long-forgotten user accounts, once granted legitimate access to their data, lie dormant like the undead. These “zombie” accounts can pose a significant threat to their data security – if left to linger. In many organizations, permissions are granted but subsequently forgotten, which often create security vulnerabilities.
To protect against these lingering zombie accounts, it is important to enforce the principle of least privilege, removing permissions if they are no longer used or needed – users should only have the permissions necessary for their tasks. Once a specific permission is no longer needed, it should be immediately revoked. By proactively managing permissions and continuously monitoring who has access to what, organizations can protect their data and ward off these undead zombie accounts.
Mummified Data Lying Dormant Waiting to be Unleashed
“Mummified” data, more commonly referred to as dormant or unused data, is another concern to take action on before too late. Mummified data lies quietly, waiting to unleash a data breach as soon as it is discovered. It is oftentimes unstructured and is not managed or secured by an organization. And while it may no longer serve an immediate business purpose, it still poses serious risk – dormant data widens an organization’s security perimeter, making it susceptible to potential data breaches if discovered by malicious actors.
To mitigate this danger, organizations should establish robust data lifecycle management processes that restrict access to dormant data, securely archive data, and eventually securely dispose of data when it is no longer useful or required to be kept. Defined data lifecycle management processes and proper disposal of “mummified” data is necessary to prevent a data breach “curse” from being unleashed upon your organization.
Ghost Accounts Haunting your Systems
Inactive “ghost” accounts may not be supernatural beings, but they can still haunt your systems and data. These accounts typically belong to former employees who have left the organization but still retain access. They accumulate in every environment due to organizations failing to remove access privileges to these inactive “ghostly” identities. This is incredibly dangerous because if left with access, cyber threat actors can take advantage of these “ghost” accounts, oftentimes without security teams noticing because the account was once authorized.
To eliminate this danger, organizations should have an ongoing termination process. However, ghost accounts should also be continuously monitored, constantly checking account usage, to ensure they are removed as soon as possible if the organization’s account termination process fails. It is important to prioritize the removal of these haunting ghost accounts to keep data secure.
This Halloween season, organizations should not fear these data security monsters. By incorporating these strategies to improve their data security posture, organizations can remain safe and secure, even during the spookiest of seasons.
Author Bio:
Claude Mandy is Chief Evangelist for Data Security at Symmetry, where he focuses on innovation, industry engagement and leads efforts to evolve how modern data security is viewed and used in the industry. Prior to Symmetry, he spent 3 years at Gartner as a senior director, analyst covering a variety of topics across security, risk management and privacy. Prior to Gartner, Mr. Mandy was the global Chief Information Security Officer at QBE Insurance – one of the world’s top 20 general insurance and reinsurance companies. Prior to QBE, Claude held a number of senior risk and security leadership roles at the Commonwealth Bank of Australia and KPMG Namibia and South Africa.
