Thousands of misconfigured Access Management Systems (AMS) have been discovered by researchers, exposing sensitive data online. These misconfigured AMS not only put staff’s sensitive details at risk but also expose other critical data, jeopardizing the security of important buildings worldwide.
Security Risk Posed by Misconfigured AMS
Cybersecurity firm Modat researchers have published a detailed report on the alarming security risk posed by exposed Access Management Systems (AMS). They identified numerous misconfigured AMS globally, compromising the physical security of crucial buildings.
The researchers emphasized the global threat posed by internet-facing misconfigured AMS, highlighting risks such as data theft, unauthorized system access, information disclosure, and identity theft. These vulnerabilities span across various sectors, including education, healthcare, manufacturing, construction, oil, and government systems.
During a global scan earlier this year, the researchers identified over 49,000 misconfigured AMS primarily in non-residential buildings. They were able to access sensitive information like employee details, biometric data, access timestamps, and vehicle access records, posing a significant security risk.
Recommended Security Measures
In response to these findings, the Modat team contacted organizations at risk and advised implementing security measures such as placing AMS behind firewalls and VPNs, regular security updates, credential changes, and vulnerability scans.
Share your thoughts in the comments section.
