Data breaches continue to harm enterprises despite installing security solutions. Cyber attackers are logging in using weak or compromised passwords, moving across the network to gain privileged access to steal data and cover their tracks. These are challenges companies are facing today which drive the need for them to be informed about the threats they are infected with and the security technology to secure their infrastructure.
A study conducted by Centrify, a cloud-ready Zero Trust Privilege provider, showed that 66% of organizations are still getting breached on an average of five times or more a year as the attack surface continues to increase. Privilege abuse is the leading cause of data breach where 80% of breaches involve privileged credential misuse. This happens despite spending large amount on IT security and risk management in 2019.
The National Privacy Commission of the Philippines said 53% of data breaches in the country can be traced to employee negligence against the 47% that is attributed to hackers and cybercriminals.
To help stop the causes of breaches, Centrify has redefined the legacy approach to Privileged Access Management by delivering cloud-ready Zero Trust Privilege to secure infrastructure, DevOps, cloud, containers, Big Data and other modern enterprise attack surfaces.
The Centrify Zero Trust Privilege works by helping customers grant least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment. The implementation of least privilege access minimizes the attack surface, improves audit and compliance visibility, and reduces risk, complexity and costs for the modern, hybrid enterprise.
Unlike the traditional network model of “trust but verify” which relied on well-defined boundaries, the Zero Trust Privilege mandates a “never trust, always verify, enforce least privilege” approach to privileged access, from inside or outside the network.
The Zero Trust Privilege may help organizations reduce the risk of becoming a data breach victim. Enterprises may consider the Privileged Access Management approach by implementing password vaults, leaving gaps that can easily be exploited. Zero Trust Privilege combines password vaulting with brokering of identities, multi-factor authentication enforcement and “just enough” privilege, all while securing remote access and monitoring of all privileged sessions.