Due primarily to the lucrative black market in stolen bank and credit card details, retailers have seen more than their fair share of high-profile cyber-attacks in recent years. The initial intrusion techniques employed by the thieves may vary from case to case, but the ultimate target is usually the same – the customer database.
This, of course, has ramifications not only for the reputation and customer relations of the retailer, but can lead to heavy fines for the breach of national privacy and data protection regulations.
Facts & Figures
“WAB is now a key solution in our infrastructure. Being able to know precisely who does what and grant access rights to the right people is a fantastic possibility”
Ludovic Tassy, CIO
Protect your business from cyber attacks and more
Many of the publicised database intrusions exploit poorly coded web applications, using techniques such as SQL injections to steal, manipulate, or delete data simply by inserting malicious commands into online web forms. For the most part though, these risks can be mitigated through adherence to modern web programming best practice.
A far more insidious threat however arises from the inevitable proliferation of privileged user accounts. Those with root access to a database for example, can literally do anything they want. Managing such privileged access for a small number of trusted staff is one thing, but with retailers across the sector relying so heavily on outsourcing as a means of cutting costs and remaining competitive as margins are continually squeezed, the number of admin and super-user accounts soon becomes unmanageable. Not only that, but when incidents do occur, either through the malicious or accidental actions of such a user, it can be virtually impossible to determine who was logged in at the time and what exactly they did while they were there.
“Wallix AdminBastion is a solution for tracking and monitoring privileged users that is adapted to the needs of Quick.”
Jeremy Sevre, Datacenter and information security manager of Quick
Why should retailers rely on Privileged Identity Management?
Privileged Access Management (PAM) refers to any technological solution designed to mitigate the inherent risks associated with the privileged user accounts of administrators and super-users. By providing full control and visibility of the sensitive, routine tasks of such personnel, an effective PAM solution can greatly reduce the risks of attack, while helping to ensure compliance with all the necessary privacy and data protection laws to which retailers are held to account.
Facing the regulatory compliance challenge in Retail
In addition to the responsibility to customers, suppliers, and shareholders, to secure sensitive data, retailers face a number of laws and regulations, for which non-compliance can carry significant penalties. These include Payment Card Industry Data Security Standard (PCI DSS), as well as various international regulations concerning end-user privacy and data protection.
Meeting retailers requirements with Wallix Privileged Identity Management Solution
At WALLIX, we believe that the value of a software solution lies as much in its ease of deployment, adoption and usage, as with its functional and technological capabilities. WALLIX AdminBastion (WAB) Suite has therefore been designed not only to cover all risks relating to privileged access within retailer organisations, but to do so in the simplest, most intuitive way, ensuring that key business challenges are addressed in the shortest possible time and with minimal disruption to existing work-flows.