I am a Free Agent

To my friends and identitystuff community at large, I have parted ways with my now former employer, and will look for my next new gig as I enjoy what's left of summer. my email will stay the same - identitystuff@gmail.com and I hope to be able to write more often. Peace. Out.

Mark

Gotta love this...

The simplicity and maliciousness of this one is pretty incredible... For those of you worried about the perimeter may need to spend more time looking inside...


NEWTON, Mass.--(BUSINESS WIRE)--Cyber-Ark, the privileged identity management specialists, says that the ongoing FiberWAN network lockout situation in San Francisco - where a network administrator has changed system passwords and is refusing to hand them over to administrators - could have been avoided if managers had operated a high-security approach to master passwords.

“This is yet another example of the power privileged identities, such as administrative passwords have and the havoc they can cause in the wrong hands,” said Adam Bosnian, a vice president at Cyber-Ark. “Hackers, or rogue employees such as this case, are savvier on how to create the most damage with the least effort these days, and the use of admin passwords does just that. Unfortunately, the San Francisco department left themselves wide-open by not taking their privileged identity management seriously.”

The San Francisco Chronicle reported Monday that Terry Childs, a discontent computer network administrator for the Department of Technology, tampered with the FiberWAN, which contains the San Francisco’s sensitive data, and created an administrative password that provided him access to the network. Childs refuses to give the elusive password to authorities, even after his arrest.

The city is estimating that this issue will cost millions in repairs. Though the network is running, there is still no way for IT administrators to access it.

“It is critical to take a more proactive approach to secure company back doors,” Bosnian adds, “Companies install complex systems for personal passwords and overlook the more numerous privileged passwords and identities that provide even more system access. These security breakdowns will continue to occur until these keys to the kingdom are securely centralized and managed.”

The San Francisco crisis follows numerous scandals within the last year such as the TJX disaster where millions of users’ data was compromised due to a breach involving administrative passwords.

IDaas is Garnering more discussion...

My buddy Matt Flynn and Matt Pollicove were exploring the topic of IdM as a Service which we had been discussing back in this post a while back...

While at Burton Group's Catalyst this year I had the chance to speak to some folks about this topic and the mindshare was very clear - automate everything you possibly can and use IdM to do it.

IdM products have matured to the point where they can log and gather thousands of events that feed reports that drive compliance (or non-compliance). The gotchas as I see them are this:

IdM is positioned horizontally and cuts across audit, security, and business process (operations) so it can become a political hot potato quickly

Organizations capture a ton of data today, where the wheat and chaff are separated is making the data useful data, and this is a subjective art project that masquerades as science a lot of the time. I'd be curious to see if data mining would and/or could do the same as IdM in reverse - look at raw data of what happened to build a better workflow based in actual events vs. what we think happened

Bottom line is the bottom line. Automation helps us get smarter, behave more efficiently and lower costs while improving the service to the business cash registers.

Right?