When we think of privileged or shared accounts, Facebook and Twitter don’t typically come to mind. However, as several organizations in the entertainment industry learned last week, those accounts are very much at risk and when compromised can be detrimental. The hacking group OurMine temporarily hacked into the Twitter and Facebook accounts of a couple of entertainment industry giants and posted messages on their corporate accounts. Our Mine claimed to have network database information, but weren’t going to share it as they claim to be a “white hat” or an ethical hacking organization that specializes in trying to find vulnerabilities to help ensure networks are secure. Even though this limited the damage there is a lot of bad publicity which is likely to bring some negative brand impact for those that were hacked.
And the hacking doesn’t stop with social media accounts. Hackers also recently obtained access through a privileged account to a server at Bitmain, the largest Chinese mining equipment manufacturer and a bitcoin mining pool operator. That server apparently had some user data and encrypted passwords and some of those accounts may have been leaked or stolen. Bitmain has advised all of its users to update their passwords.
So how do you ensure the security of your corporate social accounts as well as any other privileged or shared accounts? You do it by using a privileged password safe or vault. A privileged or password safe automates, controls and secures the process of granting privileged credentials. It should enable role-based access management and provide automated workflows for approval of use. But the bottom line is that it secures the account ensuring only the right people get access to those privileged credentials while protecting those accounts from hackers.
At One Identity, we just released a new version of One Identity Safeguard our privileged password vault. To learn more about the features that can protect both your social media privileged accounts and your infrastructure privileged accounts, view our latest webinar.