ThreatNG Security

Kustomer

Kustomer is a cloud-based customer relationship management (CRM) platform that handles customer service interactions. It offers features like:

  • Omnichannel Support: Allows you to manage customer inquiries from various channels, such as email, phone, chat, and social media, in one platform.

  • Ticketing system: Streamlines tracking and resolving customer support tickets.

  • Customer self-service portal: Empowers customers to find solutions independently through a knowledge base or FAQs.

  • Reporting and analytics: Provides insights into customer interactions and helps measure service performance.

Many organizations use Kustomer internally to manage their customer support operations. However, for cybersecurity reasons, organizations must be aware of every externally identifiable Kustomer implementation connected to their operations. This includes:

  • Public Kustomer Instances: Some organizations might have Kustomer instances accessible through a public portal for specific purposes, potentially exposing sensitive customer data.

  • Subsidiaries and Affiliates: Different branches or connected companies could have separate Kustomer instances, creating additional points where customer data is shared.

  • Third-Party Vendors and Suppliers: Many vendors might use Kustomer to manage customer interactions, potentially containing data relevant to your shared customers.

  • Shadow IT: Employees might use unauthorized personal Kustomer instances to manage customer service interactions, introducing security risks.

Understanding the entire Kustomer ecosystem is critical for cybersecurity reasons:

  • Attack Surface Expansion: Every connected Kustomer instance represents a potential entry point for attackers. Vulnerabilities in a third party's Kustomer setup could be exploited to gain access to your organization's data within Kustomer, potentially exposing sensitive customer information like names, contact details, or support history.

  • Data Breaches: Kustomer instances often store sensitive customer data. A compromised instance can lead to data breaches and unauthorized access to this critical information.

  • Misconfigured Access Controls: Improper access controls within Kustomer can grant unauthorized users access to sensitive customer data or the ability to disrupt customer service operations.

  • Compliance Issues: Regulations like GDPR and CCPA have strict data security requirements. Organizations must know where their customer data resides and how it flows through connected Kustomer instances to ensure compliance.

By comprehensively mapping their Kustomer ecosystem, organizations can proactively manage security risks and protect customer data from unauthorized access, both within their own network and across their partners' environments.

ThreatNG: Fortifying Your Kustomer Ecosystem

ThreatNG, with its combined EASM, DRP, and security ratings capabilities, can be valuable in securing your organization's third-party and supply chain ecosystem, particularly concerning Kustomer implementations. Here's how:

1. External Kustomer Identification:

  • ThreatNG can scan the public internet to identify all externally facing Kustomer instances connected to the organization, its subsidiaries, and its known vendors (third-party connections).

  • This includes uncovering shadow IT situations where suppliers or employees might use unauthorized personal Kustomer instances.

2. Risk Assessment of Kustomer Instances:

  • ThreatNG can analyze the security posture of identified Kustomer instances. This includes looking for:

    • Publicly Accessible Instances: Instances accessible through the Internet pose a significant security risk.

    • Misconfigured Access Controls: Improper access controls that grant unauthorized users access to sensitive customer data or the ability to disrupt customer service operations.

    • Outdated Software: Outdated versions of Kustomer may contain known vulnerabilities.

3. Continuous Monitoring:

  • ThreatNG can continuously monitor the external attack surface for changes, including new Kustomer instances or newly discovered vulnerabilities in existing ones.

4. Integration with Security Solutions:

  • ThreatNG integrates with various security solutions to create a holistic security posture:

    • GRC (Governance, Risk, and Compliance): Identified risks are fed into the GRC platform, triggering pre-defined workflows for third-party risk management.

    • Risk Management Platforms: ThreatNG shares risk data to help prioritize remediation efforts based on the criticality of customer data stored and potential impact.

    • SaaS Security Posture Management (SSPM) solutions: ThreatNG can share details about the Kustomer instance with the SSPM solution, assessing the supplier's overall security posture.

Workflow Example:

  1. ThreatNG identifies a public Kustomer instance: The organization receives an alert from ThreatNG about a publicly accessible Kustomer instance used by a critical delivery partner that contains customer support tickets with order details and shipping information.

  2. Risk Management & GRC Integration: The risk is fed into the risk management platform and triggers a high-priority workflow in the GRC system for third-party risk management.

  3. Communication and Remediation: The organization's security team immediately contacts the delivery partner, notifying them of the critical security risk and requesting immediate action to secure the instance.

  4. SSPM Integration: ThreatNG can share details about the instance with the SSPM solution. The security team can then use the SSPM solution to assess the partner's overall security posture and identify any other potential vulnerabilities in their SaaS applications used for customer interactions.

Desired Business Outcomes:

  • Reduced Third-Party Risk: By proactively identifying and assessing external Kustomer instances, organizations can hold suppliers accountable for maintaining secure customer data handling practices.

  • Improved Security Posture: Continuous monitoring aids in detecting and remediating vulnerabilities before they are exploited, averting data breaches and unauthorized access to private client data.

  • Streamlined Workflow: Integration with existing security solutions allows for a centralized view of security risks, facilitates a more efficient response process, and avoids siloed information.

  • Enhanced Compliance: Organizations can better meet compliance obligations related to data protection and secure consumer data management by having better visibility into third-party security posture.

  • Improved Customer Trust: Organizations can strengthen customer trust and loyalty by demonstrating proactive measures to safeguard customer data across their ecosystem.

ThreatNG serves as the initial line of defense, uncovering external Kustomer instances and their potential security risks. It then integrates with existing security solutions to streamline the risk management process and achieve a more secure third-party and supply chain ecosystem, specifically for Kustomer customer service implementations.