Privileged Accounts: An Exponential Risk for Your Networks

One of the most significant risks and a major challenge for IT security teams is the proper management of privileged identities and passwords.

Privileged Accounts_ An Exponential Risk for Your Networks.jpg

Privileged identities give users greater access to system resources and configurations, and virtually all of them rely on this type of user account. Unix/ESX servers have the "root" account, Windows workstations the "administrator" account, "superusers" in SAP systems, "enable" in Cisco, "system" or "sys" environments in Oracle environments, among others.

Privileged accounts can create dangerous vulnerabilities for IT environments if they are not well managed.

A privileged account is usually allowed to change critical settings, access sensitive data in databases, create, delete, or change the access level of other user accounts.

In the hands of cybercriminals, access to privileged accounts can give full control of the IT environment, causing significant operational and financial losses.

In most security incidents that exploit a privileged account, the root cause of the incidents is the mismanagement of credentials. To solve this problem, more and more companies invest in control devices that ensure security, detection, and response against attacks that attempt to exploit administrative accounts before compromising an organization’s infrastructure. These control solutions can enforce strict rules over privileged accounts, enforce strong password policies, monitor activities, and alert managers in case of malicious activity.

Companies often neglect the management of privileged accounts, even though it's critical. According to the State of SPAM report, while 80% of companies consider privileged accounts a business-critical issue, nearly two-thirds of them use manual methods of account management with privileged access.

All information has value to someone, and thereforea data breach is a real danger. Billing worksheets, databases with customer information, personal photos, e-mail, the sheer volume of information we deal with today means that most people do not realize the value of this data.

How to solve the problem? Your company can adopt a set of best practices to reduce the vulnerable surface:

Adopt the principle of minimum privilege; no user must have administrative access unless necessary. Monitor the use of these accounts and activities of users with high level of access;

Automate the management and security of passwords for privileged accounts, this type of account demands more critical management from the IT security staff, strong passwords, constant updates, usage and user monitoring are crucial;

Educate managers, the urgency on the issue should be at the top of the priorities of your company's Executives who, by the nature of their activities, may demand a higher level of system access;

Map accounts with privileged access, without knowing exactly which users have what type of access it is impossible to manage these accounts and reduce the attack surface, creating an inventory with all the accounts, passwords and access levels is the first step.

Alexandre Fernandes is CIPHER's MSS Security Specialist.

Free Security Assessment Tool

Did you enjoy this blog article? Share it with your friends or comment below.
 
.

 

About CIPHER

Founded in 2000, CIPHER is a global cybersecurity company that delivers highly accredited SOC I and SOC II Type 2 certified Managed Security Services and Security Consulting Services with expertise across ISO 20000 and ISO 27001, and PCI DSS holding the QSA and PCI ASV certifications. We have received many awards including Best MSSP from Frost & Sullivan for the past five years. These services are supported by the best-in-class security intelligence lab: CIPHER Intelligence. Our offices are located in North America, Europe, and Latin America with 24×7×365 Security Operations Centers and R&D laboratories, complemented by strategic partners around the globe. 

Our clients consist of Fortune 500 companies, world-renowned enterprises, and government agencies with countless success stories. CIPHER provides organizations with proprietary technologies and specialized services to defend against advanced threats while managing risk and ensuring compliance through innovative solutions. 

Subscribe to Us!

Recent Security Posts

Essential-Cyber-Security-Tips-Guide.jpg

Twitter Feed