Background Facts:
Relevance to Business Activity:
-
security-technical safeguards
considerations:
-
Luxottica's IT security discovered that its mainframe had been breached during an investigation in July;
-
the intrusion occurred into its mainframe, which:
-
is a more difficult target for hacking than other systems; and
-
according to an electronic data processing auditor,
is not generally accessible to the internet:
-
the hacker most likely had to compromise other systems internally before getting to the mainframe.
-
Luxottica has released few details about the intrusion, but
a chief technology officer of another company states:
-
it is likely the hacker accessed another server first, then hopped from machine to machine until getting to the mainframe;
-
if the organization created a few basic rules, this breach would not have happened.
-
log management companies offer software that:
-
enables users to set policies that send up flags in near-real-time when unauthorized behavior is detected.
-
a chief technology officer of a log management company states that:
-
Luxottica will have to
restore backup tapes and
figure out what happened, or:
-
they will miss a few servers the hacker compromised that someone could exploit months later.
Source Document:
http://www.internetnews.com/security/article.php/3787431/Mainframe+Breach+at+LensCrafters+Parent+Hits+59K.htm