Danger lurks inside

Danger lurks inside!

11.10.2021
Does your company have sensitive data and are you afraid of losing it? Having data that is well-secured against external attacks does not mean that your data is truly protected – danger can lurk inside!

The fact that your data is perfectly secured against any external attacks does not mean that one of your employees will not try a similar attack from the inside. This would not be the first or the last case. Probably the most famous case of this kind was the Edward Snowden case in 2013, who, as part of a contract for the US National Security Agency brought to the press information about the massive classified worldwide surveillance of phones and electronic communications by security services. PAM (Privileged Access Management) tools try to eliminate these types of cases.

Protect your data
PAM tools are used to monitor, record, and analyse privileged access to important information and resources of an organization. A privileged account has higher privileges than a normal user, and it can therefore have access, for example, to the contents of the entire internal database. These accounts include accounts for the organization’s system administrators, as well as for applications that need to access the relevant data.

The importance of this area increased during the global Covid-19 epidemic, due to the growing need for teleworking. This resulted in an increase in the demand for PAM tools to protect internal data according to the required authorization.

UEBA (User and Entity Behaviour Analytics) technology focuses on more than just privileged users. UEBA uses behavioral analysis to monitor the activities of users and infrastructure entities such as servers and applications. UEBA systems identify the model of typical and atypical behaviour of users and devices. This technology, based on artificial intelligence, is very effective in detecting threats originating from the internal environment of the organization. The basis of this technology is that it may be easy to steal someone’s credentials, but it will be a lot harder for the attacker to imitate a person’s usual behaviour once they are inside the organization’s network. Therefore, if an attacker manages to crack a user’s username and password, but behaves atypically when compared to the authorized user, the UEBA system will record this and issue a warning message to the system administrator.

Known cases in which sensitive data was leaked have forced companies to ensure the security of this data. New technologies help them protect data against attacks from inside and outside the organization.

If you feel that your sensitive data is not yet completely safe, we can help you find a suitable solution.