Why Communications Service Providers Operating Large Networks Are The Biggest Targets: PAM Matters
By: Mohie Ahmed
The ten largest Communications Services Providers (CSPs) also operate Tier One networks and are the stewards of what some say is the most critical infrastructure in the world.
The world’s top 10 telecommunications companies each have a market value of more than $50 billion, and their industry is expanding – and changing – every day. They carry the digital future of our planet on their shoulders and are responsible for connected systems that are running more systems that are controlling more endpoints, including connected cars, automated trains, embedded medical devices, entire energy grids, and so much more.
These ten top CSPs are grappling with new challenges, including the evolution of cloud services, and the rapid growth of the Internet of Things (IOT) which, when combined with the proliferation of mobile devices, is leading to new challenges at the edge of the network, which is both an opportunity and a threat for them.
China Mobile Ltd. (CHL), the leading provider (by the number of subscribers) of real-time communications services in China, is the top telecommunications company in the world. With a market value well over two hundred billion dollars and steady growth, they support nearly one billion customers.
Verizon Communications, Inc. (VZ) is the largest CSP in the United States, also with a market value over $200 billion, and operations in more than 150 countries (each with its own requirements for security and more).
AT&T Inc. is the second largest CSP in the United States, also topping $200 billion, and provides voice services in more than 200 countries, with 355 million subscribers.
Why is Privileged Access Management (PAM) so important for these communications giants? Precisely because they connect so many people, places and things, including systems that are increasingly automated, and applications that hold exponentially more data – all which makes them (and their customers) targets of insider threats and attacks by adversaries.
It is fundamental for them to ensure that only authorized users have administrator privileges and access to their network systems and assets. Because of the geographically distributed infrastructure and workforce, compounded by the distributed nature of their enterprise and business customer base and consumer subscribers, traditional PAM approaches don’t scale.
As the industry pushes forward with not only cloud-friendly but cloud-native PAM, such as the solution Ironsphere offers, it becomes both possible and economical to integrate PAM across every business unit of CSPs.
Without a comprehensive cybersecurity strategy, new innovations and initiatives are more difficult to roll-out, as the spotlight on cybersecurity for every new application, platform or device is intense given serious breaches and attacks in the news every day.
CSPs and other large enterprises like banks and e-commerce companies, require efficient, cost-effective security tools to improve productivity and customer service, and key to that is ensuring PAM solutions are in place to protect what they connect.
CSPs are thriving and profitable, but they are faced with new challengers and must balance growth, customer trust and compliance with government regulation, which vary from region to region and country to country. The transparency required by regulators is in place so CSPS cannot compromise their subscribers’ and customers’ data integrity, quality of service, and privacy. Fines for doing so can be massive, including the GDPR’s framework calling for up to 4% of total revenues (not profits) should personal privacy be violated.
The bigger a company is, and the more connected a company is, the clearer the business case for making PAM a cornerstone of an overall security and cybersecurity platform. A proven scalable solution, like Ironsphere (which is inside the networks of providers including Turkcell, GTT and others), makes the most sense as given the nature of our architecture, it is easier and faster to implement, managed and adjust. Given efficiencies which are part of our DNA, Ironsphere also helps to keep the costs of security and IT operations in check, by improving productivity through Privileged Task Automation (PTA), and other unique features.
With a solid PAM, PTA and related solutions in place, CSPs can take on growth strategies and can innovate and roll out competitive offerings with less risk of exposure when only authorized users have administrator privileges to critical digital assets – theirs, and their subscribers and customers.
Author: For additional information regarding this critical topic, contact Mohie Ahmed – firstname.lastname@example.org
We have all found ourselves in a different world of work given the events that have defined 2020, and few professionals are feeling the pressure more than IT and OT teams.
Just as cyber risks evolve, the evolution of risk appetite frameworks is more active than ever. With more sophisticated adversaries, more digital transformation initiatives, more mobile works, ecosystem partnerships and connectivity to multiple clouds and services, enlightened management teams and their boards are updating their levels of “risk tolerance.”
Two-factor authentication has been around for decades – requiring an additional step between entering a username and password, for example, then entering a one-time security code sent to a mobile device – to access applications, systems and data.