{"id":408,"date":"2014-12-30T14:36:24","date_gmt":"2014-12-30T14:36:24","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=408"},"modified":"2015-04-16T17:31:37","modified_gmt":"2015-04-16T17:31:37","slug":"identity-and-access-management-and-the-sony-hack-attack","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/","title":{"rendered":"Identity and Access Management and the Sony Hack Attack"},"content":{"rendered":"<p><a href=\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack.jpg\" alt=\"Identity and Access Management and the Sony Hack Attack\" width=\"600\" height=\"270\" class=\"alignleft size-full wp-image-422\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack.jpg 600w, https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack-300x135.jpg 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a>The hack attack experienced by Sony has made lots of news recently, and it should highlight for all companies their vulnerability to data breach. How the company was breached should be particularly enlightening.<\/p>\n<p><a href=\"https:\/\/www.cbsnews.com\/news\/how-the-sony-hack-was-traced-back-to-north-korea\/\" target=\"_blank\">CBS news reported<\/a> that &#8220;Law enforcement sources said North Korea hacked into the Sony network by stealing the login credentials of one of the company&#8217;s computer system administrators.&#8221; That one set of credentials could be used to access anything within Sony&#8217;s corporate network. Once inside, the hackers were able to do all sorts of nasty stuff, such as erase hard drives, steal data, and reveal embarrassing communications between and other information about both Sony executives and employees. The Wall Street Journal&#8217;s Bruce Schneier in an opinion piece <a href=\"https:\/\/www.wsj.com\/articles\/sony-made-it-easy-but-any-of-us-could-get-hacked-1419002701\" target=\"_blank\">said that<\/a> &#8220;the press may not have divulged this information, but their friends and relatives peeked at it,&#8221; and as a result, &#8220;hundreds of personal tragedies must be unfolding right now.&#8221; Even worse, the hacker group claiming responsibility, &#8220;Guardians of Peace,&#8221; are using the stolen employee data to blackmail, threaten and harrass regular employees, according to Pierluigi Paganini, <a href=\"https:\/\/resources.infosecinstitute.com\/cyber-attack-sony-pictures-much-data-breach\/\" target=\"_blank\">author of a piece on the attack<\/a> at the InfoSec Institute.<br \/>\n.<\/p>\n<p>At its core, the Sony hack was an identity and access management failure. I would also argue that it is a business management failure. Sony reportedly made a business decision to accept the risk of data breach rather than pay for better security. Schneier said the following:<\/p>\n<p>&#8220;<em>Sony clearly failed here. Its security turned out to be subpar. They didn\u2019t have to leave so much information exposed. And they didn\u2019t have to be so slow detecting the breach, giving the attackers free rein to wander about and take so much stuff.&#8221;<\/em><\/p>\n<p>To be fair, the same article admits that the determined hacker with good technical skills will get through no matter almost what you do, but there are still ways to detect intrusion more quickly and limit the damage. A good IAM solution would have limited the access that the stolen credentials had across the company in the first place, thereby limiting the damage or forcing the hackers to work a lot harder to get the data. Schneier says that as a result, you need to take this security stuff a lot more seriously than you may have previously. That means spending money on protecting yourself, unlike Sony.<\/p>\n<p>To take a look at top Identity and Access Management\u00a0 providers, check out our 2015 IAM Buyers Guide <a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-2014-identity-management-solutions-buyers-guide\/\" target=\"_blank\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The hack attack experienced by Sony has made lots of news recently, and it should highlight for all companies their vulnerability to data breach. How the company was breached should be particularly enlightening. CBS news reported that &#8220;Law enforcement sources said North Korea hacked into the Sony network by stealing the login credentials of one [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":422,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Identity and Access Management&#039;s Relevance to the Sony Hack Attack<\/title>\n<meta name=\"description\" content=\"Sony left itself vulnerable to an Identity and Access Management Breach. Act now to prevent and limit damage to your company from data breaches.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Doug Atkinson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/\",\"name\":\"Identity and Access Management's Relevance to the Sony Hack Attack\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack.jpg\",\"datePublished\":\"2014-12-30T14:36:24+00:00\",\"dateModified\":\"2015-04-16T17:31:37+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\"},\"description\":\"Sony left itself vulnerable to an Identity and Access Management Breach. Act now to prevent and limit damage to your company from data breaches.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack.jpg\",\"width\":600,\"height\":270,\"caption\":\"Identity and Access Management and the Sony Hack Attack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Identity and Access Management and the Sony Hack Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\",\"name\":\"Doug Atkinson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g\",\"caption\":\"Doug Atkinson\"},\"description\":\"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.\",\"sameAs\":[\"https:\/\/solutionsreview.com\"],\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/doug-atkinson-4\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Identity and Access Management's Relevance to the Sony Hack Attack","description":"Sony left itself vulnerable to an Identity and Access Management Breach. Act now to prevent and limit damage to your company from data breaches.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/","twitter_misc":{"Written by":"Doug Atkinson","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/","url":"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/","name":"Identity and Access Management's Relevance to the Sony Hack Attack","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack.jpg","datePublished":"2014-12-30T14:36:24+00:00","dateModified":"2015-04-16T17:31:37+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae"},"description":"Sony left itself vulnerable to an Identity and Access Management Breach. Act now to prevent and limit damage to your company from data breaches.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/12\/Identity-and-Access-Management-and-the-Sony-Hack-Attack.jpg","width":600,"height":270,"caption":"Identity and Access Management and the Sony Hack Attack"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/identity-and-access-management-and-the-sony-hack-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Identity and Access Management and the Sony Hack Attack"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae","name":"Doug Atkinson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g","caption":"Doug Atkinson"},"description":"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.","sameAs":["https:\/\/solutionsreview.com"],"url":"https:\/\/solutionsreview.com\/identity-management\/author\/doug-atkinson-4\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/408"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=408"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/408\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/422"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=408"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=408"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=408"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}