Identity Manager Could Have Helped Prevent Snowden Fiasco
SAN RAMON, CA--(Marketwired - Feb 26, 2014) - Months after his cyber heist of classified documents, speculation as well as the re-examination of facts surrounding Edward Snowden continue to capture attention and focus concerns. The "Snowden Effect," as some have dubbed it, is raising questions about trusted identities and administrator privileges. Exposing Snowden's access methods in his recent blog "How an Identity Manager Stops Edward Snowden Administrators," Thomas Edgerton of Avatier identifies how an identity manager can help IT managers safeguard against the intentional actions of privileged identities.
To collect records, the blog explains, Snowden admits relying on a Googlebot-like web crawler to find and index NSA intranet pages. "No reports explain the actual methods Snowden used to upload and transport files," Edgerton notes. "However, a blog post by Venafi CEO Jeff Hudson provides one of the most compelling explanations. In his post, Hudson surmises Snowden fabricated digital certificates to breach NSA systems. To transport documents outside of the firewall, he leveraged the trust inherent in encryption to pass files through the NSA network undetected."
The blog points out that Snowden gained access in four ways: collaborators, trickery, valid access and grandfathered access. "These last two are the easiest for IT to control," Edgerton concluded. "Once access has been granted, it is important to use an identity manager to perform access certifications along with risk intelligence to identify grandfathered access and unnecessary privileges. Risk intelligence highlights information for accounts, particularly 'outliers' or accounts with more privileges than normal. Identity risk intelligence provides information such as last login, last password change date and excessive access privileges compared to peers. These could have been significant deterrents."
Avatier is the identity management company designed for business users. We automate and unify enterprise operations by standardizing business processes with an IT store. Our IT service catalog creates a single system of record for access requests and IT audit.
Our easily extensible identity management system lowers operational costs and provides corporate governance visibility. Avatier automates workflow and compliance reviews to reduce IT governance risks.
Founded in 1997, Avatier is headquartered in the San Francisco Bay area with offices in Chicago, Dallas, New York, Washington DC, London, Munich, Singapore, Dublin, and Sydney. Our products operate globally for customers like Marriott, DHL, Halliburton, Starbucks and hundreds more. For more information, please visit www.avatier.com and follow @Avatier on Twitter.