IoT / #TEISS16: How good privileged account management can help bolster firms’ security
#TEISS16: How good privileged account management can help bolster firms’ security
1 March 2016 |
Good privileged account management can be critical to cyber breach prevention and detection and can help to minimise the damage done when an incident does occur.
Speaking at The European Information Security Summit 2016, CyberArk professional services manager Alex Wilson said: “You can’t ever prevent everything, so what do you do when you have been breached and how can you minimise the effect of that?”
He focused on privileged accounts, saying that everyone from employees who use company social media accounts to system administrators use these.
“If we have a look at the attack chain, there are two ways in,” Wilson said. “We have internal users who already have access to the privileged credentials, and we have external threats.”
External threat actors, he explained, will move laterally, looking for more privileged credentials in an attempt to get as much access as possible and eventually move upwards.
For clarity, firms need to know who is accessing which account, why they are accessing it and what they are actually doing while they are there.
“What if you’ve got an employee within a third party who leaves?” Wilson asked. “Are you told about that, or do they just know?”
There also needs to be a process for investigating new applications, he said, and also one to monitor credentials when it comes to cloud services.
And, of course, it is impossible to have clarity around accounts security do not know about.
“What we end up with is a mixed approach with a lack of consistency across the mix of application types,” Wilson said of the complexity of account management.
This creates security problems because by, for example, using Windows authentication to access other devices, they all become vulnerable to Windows exploits.
And using a single account to access all of these means only one breach could give an attacker access to all of those services.
But by using a central vault of accounts that a user logs into to access the other services, which can track which user is accessing those services and require that they log in using two-factor authentication or biometrics.
Latest posts by Matt Smith (see all)
- 60 per cent of firms use advanced technology without proper security - 20th March 2017
- WhatsApp flaw let hackers hijack accounts with image trick - 16th March 2017
- 70 per cent of firms struggle to secure data outside the office - 16th March 2017
- Insecure code putting business data at risk - 14th March 2017
- Internet of Things ransomware on the rise - 14th March 2017