The unpaid summer intern that could cost you millions
Most organizations hire seasonal workers, especially in the summer months when university students are available and interested in employment, often at low or no cost to an employer. These temporary employees are given access to company resources, and may even be using privileged access credentials shared by a manager. Many companies forget or neglect to terminate accounts used by temporary employees and interns when summer ends. What’s more, as a company grows and other employees are transferred or terminated or temporary workers or contractors leave the organization, the number of abandoned accounts can grow – significantly.
Abandoned accounts are not revealed during the typical periodic audit that an IT department might conduct, so these accounts often go unnoticed. The problem is, abandoned accounts provide hackers with an easy way to gain access to your network. In addition, seasonal employees are not tied professionally or emotionally to your organization and may be more prone to explore your network and exploit access vulnerabilities, even at a later date.
Reducing or eliminating access risks such as abandoned accounts makes sense as a way to minimize the possibility of a data breach, but CISOs need an efficient way to uncover them. To assist with this problem, Courion now offers a complimentary quick scan evaluation of access risk whichleverages the award-winning identity and access intelligence solution, Access Insight, to help organizations gauge whether they have an abandoned account problem. Based on evaluations of access risk recently conducted by Courion at more than twenty major corporations, organizations often have not just a few, but thousands of abandoned accounts.
Both the 2014 Verizon Data Breach Incident Reportand the SANS Institutes Top 20 Critical Security Controlsrecommend that CISOs know who has access to their data and review user accounts on a regular basis. That’s why Courion’s intelligence-driven approach to IAM provides an organization with the ability to “assess first” and uncover issues such as abandoned accounts and orphan accounts with no oversight, or accounts with more access than is truly needed.
“Once hidden access risk factors are eliminated, an organization can continue to leverage the intelligence integrated within the Access Assurance Suitein provisioning and governance operations,” emphasized Chris Zannetos, CEO of Courion. “An organization can not only start, but also stay compliant, because continuous monitoring is built into the suite that automatically detects, notifies and enables remediation of policy violations as they occur, further minimizing access risk and streamlining future audits.”
Courion is a leader in the Gartner Magic Quadrant for Identity Governance and Administration (IGA)and a leader in the KuppingerCole Leadership Compass for Identity Provisioning. To learn more how you can use intelligent identity and access management in your organization, contact 866.Courion or email@example.com.
Courion is the market leader in Identity and Access Management (IAM), from provisioning to governance to Identity and Access Intelligence (IAI). Many of the world’s largest enterprises and organizations rely on Courion’s solutions to confidently provide open and compliant access to thousands of employees while protecting critical company data and assets from unauthorized access. Courion has offices and operations in the USA, Europe, Middle East and Asia. To learn more about how you can add intelligent identity and access management solutionsto your security controls, contact 866.Courion or firstname.lastname@example.org.