|
Christopher Zannetos President and CEO Courion
|
Courion recommends now that Labor Day has come and gone, companies take a close look at a common access risk factor that may be leaving them vulnerable to a data breach: abandoned accounts.
Most organizations hire seasonal workers, especially in the summer months when university students are available and interested in employment, often at low or no cost to an employer. These temporary employees are given access to company resources, and may even be using privileged access credentials shared by a manager. Many companies forget or neglect to terminate accounts used by temporary employees and interns when summer ends. What’s more, as a company grows and other employees are transferred or terminated, or temporary workers or contractors leave the organization, the number of abandoned accounts can grow – significantly.
Abandoned accounts are not revealed during the typical periodic audit that an IT department might conduct, so these accounts often go unnoticed. The problem is abandoned accounts provide hackers with an easy way to gain access to your network. In addition, seasonal employees are not tied professionally or emotionally to your organization and may be more prone to explore your network and exploit access vulnerabilities, even at a later date.
Reducing or eliminating access risks such as abandoned accounts makes sense as a way to minimize the possibility of a data breach, but CISOs need an efficient way to uncover them. To assist with this problem, Courion now offers a complimentary quick scan evaluation of access risk which leverages the award-winning identity and access intelligence solution, Access Insight, to help organizations gauge whether they have an abandoned account problem. Based on evaluations of access risk recently conducted by Courion at more than twenty major corporations, organizations often have not just a few, but thousands of abandoned accounts.
Both the 2014 Verizon Data Breach Incident Report and the SANS Institutes Top 20 Critical Security Controls recommend that CISOs know who has access to their data and review user accounts on a regular basis. That’s why Courion’s intelligence-driven approach to IAM provides an organization with the ability to “assess first” and uncover issues such as abandoned accounts and orphan accounts with no oversight, or accounts with more access than is truly needed.
“Once hidden access risk factors are eliminated, an organization can continue to leverage the intelligence integrated within the Access Assurance Suite in provisioning and governance operations,” emphasized Chris Zannetos, CEO of Courion. “An organization can not only start, but also stay compliant, because continuous monitoring is built into the suite that automatically detects, notifies and enables remediation of policy violations as they occur, further minimizing access risk and streamlining future audits.”
Christopher Zannetos President and CEO Courion
Chris is co-founder, President and CEO of Courion Corporation, the leader in identity and access management (IAM) solutions that effectively and securely manage access risk. An industry pioneer and visionary, Chris conceptualized and developed the industry's first self-service password reset and compliance management solutions. Under his leadership since 1996, Chris has led Courion to build a customer base of more than 17 million users in over 500 companies worldwide, including nearly 20 percent of the Fortune 500.
Since its inception, Courion has continually been recognized as an innovator and leader, garnering innumerable awards including the Network Products Guide Innovation Award, SC Magazine Global Award for Best Identity Management Solution, eWEEK Excellence Award for Best User Management Product, Info Security Products Guide for Global Excellence in Identity Management, and IT WEEK's Top 50 Technology Innovators, as well as receiving continued recognition as a market leader by industry analysts. Courion customers have also been repeatedly recognized for their successful IAM deployments.
Chris currently sits on the Board of Directors of the Massachusetts High Technology Council (MHTC) as well as the MHTC Cyber Security Task Force, and co-chairs the Education Task Force. He has served as a board member and advisor for numerous start-ups, non-profit and industry organizations including Digital ID World and TechNet, for whom he chaired the Cyber Security Task Force. Chris is a frequent guest lecturer at local universities, focusing on entrepreneurship, as well as a judge at local entrepreneurship contests and speaker at leading industry events. Additionally, Chris spearheads a number of initiatives at Courion designed to benefit and support local charities and schools.
Prior to founding Courion, Chris was a co-founder and partner at Onsett International, an IT service and security consulting firm. While at Onsett, Chris led IT operations for several Global 500 customers and, over the course of five years, his efforts led the company on to exponential growth. Chris holds Bachelor of Science degrees in both Economics and Political Science from MIT, and earned his Master of Science degree in Management from the MIT Sloan School of Management.
|
|