When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
But hours isnt fast enough today.
Hackers used exposed access tokens from previous incidents to penetrate the organizations Zendesk implementation.
Unfortunately, the number of times we keep seeing these incidents is a symptom of how complexIT infrastructurehas become.
Finding out who breached your data, where, and how is often headache-inducing.
But theres also the fact that access relationships between resources are also fragmented.
This fragmentation of access and security models makes organizations vulnerable to human error.
What would fix this?
A newcybersecurityparadigm one without static credentials, eliminating the attack surface targeted by threat actors.
Companies can further harden their security by shifting their access model from role-based authentication to attribute-based authentication.
If youre wondering why that number is so high, its because humans make it easy.
We leave credentials like passwords,browsercookies, and API keys lying around in the most obvious places.
This makes it only a matter of time before a user inadvertently reveals too much information or prior credentials.
Hackers are ready to pounce on these mistakes.
Above all, companies shouldnt treat identity management, policy governance, and access control as distinct endeavors.
They are all interconnected.
Imagine you have a database table housing sensitive data.
Are they in the office?
Or are they in Hawaii?
What gear are they on?
Are they using a worklaptop, aphone, a tablet, or something else?
What time is it?
Do they really need access to a resource when its in production?
No more access for the random guy drinking a slurpee in Hawaii.
The mindset should be locked by default.
Thats imperative to reducing the attack surface.
We’ve featured the best endpoint protection software.
The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.
If you are interested in contributing find out more here:https://www.techradar.com/news/submit-your-story-to-techradar-pro
