[BreachExchange] Seven Ways to Protect Your Organization’s Privileged Accounts

Tue Jun 26 19:06:04 EDT 2018

https://www.cso.com.au/article/642926/seven-ways-protect-your-organization-
privileged-accounts/

The increases in sophisticated, targeted security threats by both external
attackers and malicious insiders have made it extremely difficult for
organizations to properly protect critical and sensitive information. The
task of protecting these assets has only grown harder as IT environments
have become more complex and widely distributed across geographic locations
and in the cloud.

Many high-profile breaches have one thing in common: They were accomplished
through the compromise of passwords. In many cases, end-user passwords are
initially hacked through various social engineering techniques. Then
permissions are escalated to gain access to more privileged accounts — the
keys to the kingdom. This unauthorized access can easily go undetected for
weeks or even months, allowing hackers to see and steal information at
their convenience.

Unfortunately, many IT users lack a full understanding of how privileged
accounts function, as well as the risks associated with their compromise
and misuse. That makes them and their organizations much more vulnerable to
potential monetary and reputational damage from increasing threats.

Hacking the Hacker

Privileged account management (PAM) doesn’t have to be an insurmountable
challenge. Any organization can control, protect, and secure its privileged
accounts (and make the hacker’s job more difficult) with these practical
tips:

Steer clear of manual methods for PAM: Too many organizations today still
rely on Microsoft Excel spreadsheets to keep track of privileged account
passwords and share them among employees. These manual practices are
dangerous and inefficient. Automated PAM software solutions can be
installed quickly and managed with minimal effort. You save time and money
and greatly increase protection from hackers and malicious insiders.

Educate employees: The weakest security link in most organizations is
humans. As more sophisticated social engineering and phishing attacks have
emerged, companies need to expand their IT security awareness programs
beyond simple online tests or signoffs on security policies. As personal
mobile devices are increasingly used for business purposes, educating
employees on secure behaviours has become imperative.

Discover and automate the management of privileged accounts and SSH (Secure
Shell) keys: Use a dedicated PAM software solution and start by focusing on
the most critical and sensitive privileged accounts, and implement
continuous discovery to curb privileged account sprawl, identify potential
insider abuse, and reveal external threats. This helps ensure full, ongoing
visibility of your privileged account landscape crucial to combatting
cybersecurity threats.

Limit IT admin access to systems: Limit access through a least-privilege
strategy, meaning privileges are only granted when required and approved.
Enforce least privilege on end-user workstations by keeping end-users
configured to a standard user profile and automatically elevating their
privileges to run only approved applications. For IT administrator users,
you should control access and implement super user privilege management for
Windows and UNIX systems to prevent attackers from running malicious
applications, remote access tools, and commands.

Protect privileged account passwords: Proactively manage, monitor, and
control privileged account access with password protection software. The
solution should automatically discover and store privileged accounts;
schedule password rotation; audit, analyze, and manage individual
privileged session activity; and monitor password accounts to quickly
detect and respond to malicious activity.

Limit privileged and unknown applications: Application accounts need to be
inventoried and undergo strict policy enforcement for password strength,
account access, and password rotation. Least-privilege and application
control solutions enable seamless elevation of approved, trusted, and
whitelisted applications while minimizing the risk of running unauthorized
applications.

Choose a partner for your PAM solution: Implement a comprehensive PAM
solution with a trusted partner to help you control access to systems and
sensitive data, comply with policies and regulations, and ultimately make
your company safer. Look for software solutions that automate the
identification and understanding of risk to your privileged accounts, along
with continuous monitoring, recording, and secure storage.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180626/8ee4f994/attachment.html>