SAN RAMON, CA--(Marketwired - Feb 12, 2014) - The Target breach continues to remain in the headlines months after it was first revealed -- and for good reason. The breach is now estimated to have generated over $4 billion in debit card losses alone and a projected 130 million hours of Target's enterprise resources to straighten out their accounts, according to the "Organized Cyber Crime Target" blog by Avatier's Thomas Edgerton. Edgerton points out in the blog that fighting organized crime requires the same automation by corporations as that used by cyber criminals. "This blog intends to call out how identity management automation helps to prevent an enterprise system compromise of Target's magnitude," Edgerton points out.
The problem cited by the blog is not solely an issue of outside hackers but the contribution of insiders. Citing security reporter, Brian Krebs, who originally broke the story, the location of the abandoned server used in the second stage of the breach and its administrators were not identified. "If the practice inside of Target is to share privileged passwords, they may not even be able to provide a complete list of administrators," the blog suggests. Ultimately, Edgerton points out that automated solutions available to IT departments to identify abandoned servers, alert unusual network traffic, and to associate user accounts with privileged identities means that corporations should never have to leave themselves so vulnerable. "The goal of every IT organization should be to automate the removal of the most commonly available contributors to information security breaches," he concludes.
Avatier software and services automate IT operations. Our identity management and access governance solutions make organizations the most secure, compliant and productive in the shortest time at the lowest cost. Avatier products are deployed worldwide across 16 vertical markets and hundreds of organizations with millions of managed user identities. The Avatier Identity Management Software (AIMS) suite incorporates products for user provisioning, password management; access governance and IT risk management. All solutions represent the quickest time to value and the best operational efficiencies in the industry because of their innovative use of graphical configuration versus complex coding and scripting.