Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Needless Loss of Half a Million Card Details

Avecto : 09 July, 2012  (Technical Article)
Avecto believes multi-layered data protection would have prevented the recent large scale loss of financial card details
Recent reports on the theft of over half a million financial card details by hackers, could have been avoided if data security had been multi-layered believes Avecto.

The Dark Reading newswire reported on a screen-scraping malware infection being investigated by US authorities at the Wyndham Worldwide chain of hotels.  Avecto believes that allegations of lax security within the hotel chain is only part of the story.

“Organisations with vast numbers of staff dispersed across multiple premises face major issues designing and implementing multi-layered security systems that can protect data at all times.” Commented Paul Kenyon, chief operating officer with the Windows privilege management specialist.

“We’ve found that in this scenario, serious security vulnerabilities occur when users are given admin rights and do not regularly connect to the domain. The system is still at risk even with regular group policy updates deployed and anti-virus software installed, working alongside other controls  because users with admin rights can over-ride these controls,” he added.

The solution, Avecto believes, is to deploy an extra layer of security whereby all users on the system operate under a standard user account and privileges are then assigned to applications - and tasks - through security policies. Assigning privileges directly to the applications that require them, further protects the IT environment, as the damage caused by a security breach is significantly minimised.

“The analogy I would draw here is the difference between a thief being able to gain out-of-hours access to a bank lobby where secure cash machines are located, and gaining access to the staff area of the bank. While the former scenario is not ideal, the damage a thief can carry out is minimal. With the latter, it’s a recipe for disaster.” he said.

“It’s the same with data and systems access. With effective privilege management and application elevation, even if the data thief does break through the outer layer of defences, the internal layers will help keep them in the electronic equivalent of the bank lobby,” he added.

In the case of Wyndham Worldwide, technology such as Avecto’s Privilege Guard software could have significantly reduced the risk for the hotel chain.

“Modern security is about reducing the risk profile of the data and the systems that process that data. In today’s multi-vectored hacker attack environment you can never remove security risks entirely, but commonsense tells us that reducing your risk profile also decreases the risk of a data breach – and that has to be a positive step,” he concluded.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo