World Video | Defence | Foreign Affairs | Natural Events | Trade | NZ in World News | NZ National News Video | NZ Regional News | Search

 

Pageup Data Breach Calls For Zero Trust Security

Pageup Data Breach Calls For Zero Trust Security Warns Centrify


Cybersecurity specialist Centrify warns that this week’s revelation of a major data breach by Human Resource services company PageUp highlights the need for companies to deploy Zero Trust Security.

PageUp, which claims to have two million active users across 190 countries, cites major enterprise and government clients including Telstra, NAB, Coles, Australia Post, Aldi and Medibank. Any data breach potentially compromises the personal details of thousands of Australians.

In the most reported data breach since Australia’s new Notifiable Data Breach law commenced in February, PageUp CEO and co-founder Karen Cariss, in a statement on the company’s website, said that investigations of its IT infrastructure had revealed a malware infection that may have compromised client data. The statement also suggested that users change their passwords.


Centrify Senior Director APAC Sales Niall King said PageUp’s data breach report epitomised the security problem facing corporations and individuals in a “boundaryless world”. “Trust no longer provides protection, whether it’s of an employee or a third-party service provider,” he said.

“While we don’t know how this malicious code got into the PageUp system or what damage it may have done, this incident is another wakeup call for corporations to rethink how they address security.

“Centrify advocates a Zero Trust Security modelbecause it removes trust from the equation entirely. Based on the assumption that untrusted actors exist both inside and outside the network, Zero Trust leverages powerful identity services to secure every user’s access to apps and infrastructure.

“Access to resources is granted only after identity is authenticated and the integrity of the device is proven – but even then, with just enough privilege to perform the task at hand.”

Mr King said this Privileged Access Management strengthened corporate defences by only giving users the privileges they needed to do their jobs - and revoking elevated privileges once the job was done. “This is an additional barrier to an illicit or inadvertent user infecting the system with malware,” he said.

“Likewise, Zero Trust Security mandates that the days of verifying a user’s identity simply with a user ID and password are long gone. Today, usernames and passwords can be phished, bought off the Dark Web - or ‘sniffed’ by malware. Zero Trust mandates that access credentials are fortified by MFA (Multi-Factor Authentication), requiring something you have or are as well as something you know.

“MFA would render useless any passwords compromised by a PageUp data breach because you would need that second factor of authentication - such as a code verified by mobile phone - to log on.”


ENDS


About Centrify

Centrify redefines security from a legacy static perimeter-based approach to protecting millions of scattered connections in a boundaryless hybrid enterprise. As the only industry recognised leader in both Privileged Identity Management and Identity-as-a-Service, Centrify provides a single platform to secure each user’s access to apps and infrastructure through the power of identity services. This is Next Dimension Security in the Age of Access. Centrify is enabling more than 5000 customers, including over half the Fortune 50 in the US, to defend their organisations. To learn more visit

www.centrify.com


The Breach Stops Here

Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Service are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.

© Scoop Media

 
 
 
World Headlines

 

'Fixing' Family Separation: Executive Order Imprisons Families Indefinitely

Amnesty: President Trump signed an executive order today mandating for children to stay with their parents in detention while their asylum claims are processed. More>>

ALSO:

Krump: NZ Welcomes The US-DPRK Summit

The two signed a Joint Statement in which Chairman Kim reaffirmed his commitment to the complete denuclearisation of the Korean Peninsula. President Trump also made a commitment to provide security guarantees to North Korea. More>>

ALSO:

Fake News and political establishment leading Colombia back to war

Scoop's Joseph Cederwall Updates: On June 17th Colombia votes in the final runoff round in one of its most pivotal and closely fought Presidential elections in decades. The two remaining candidates are starkly polarised, as are the potential outcomes for Colombia and the region ... More>>

ALSO:

Gordon Campbell: On What We Can Expect From Talks With North Korea

Whatever happens, or if nothing happens, Trump is going to declare an amazing victory, so it might be useful to try and pre-empt the bullshit and establish what if anything, this meeting will actually deliver. More>>

ALSO:

"Systematic Murder": Complaint Filed To ICC Over Gaza Killings

Scoop's Alastair Thompson reports: Over the past four years Kiwi journalist, investigator and human rights activist Julie Webb Pullman has trained and coordinated funding to assemble teams to collect evidence, interview witnesses and properly document thousands of individual war crimes committed in the period since Operation Protective Edge (2014). More>>