Privileged Identity Management— the monitoring and protection of super user accounts— is one of the most important aspects of Identity and Access Management, and cyber security writ large, today. Take a detailed look at some recent data breaches and chances are high the malicious party used a compromised privileged account to increase their permissions.
It’s been proven time and time again: unmanaged, unmonitored privileged accounts are an easy target for both external attacks and malicious insiders that can lead to loss or theft of extremely sensitive information. Despite this, it can be difficult to get those in decision-making positions to allocate resources for a full-fledged Privileged Identity Management Initiative.
With that issue in mind, we’ve created a list of four resources that will help our readers identify PIM’s biggest payoffs, the top reasons to adopt a PIM solution, and the best practices in implementing one. Already have a PIM program in place and want to make sure you’ve covered all the bases? We’ve got you covered too. Enjoy!
Three Important Reasons for Privileged Access Management (and One Surprising Benefit)
Looking to convince a decision-maker in your organization that PIM/PAM is a necessary and worthwhile investment? This paper could be your golden ticket. Despite the clickbait-esque title, this white paper is a concise and valuable resource, and it does exactly what it claims to do. In just 6 pages, you’ll find three convincing pressing reasons for PIM, and one surprising benefit (spoiler: the benefit is reduced IT cost, but I’ll let you read the paper to find out how.
Excerpt: “High-privilege access is one of the most sensitive aspects of IT. Administrative accounts have the ability to make sweeping and fundamental changes to IT systems on which the business may depend. When used in ways not intended, the impact of this capability can cause a wide spectrum of damage, from security threats and compliance violations, to incidents that tarnish the reputation of the business itself. For these reasons and more, privileged access visibility and control has been recommended – and often required: regulatory mandates, assure responsible governance, improve security”
The Role of Privileged Accounts in High Profile Breaches
Take a look at some recent breaches and you’re bound to see a common thread: if privileged identities were better managed, then the impacts of data breaches would be better managed too. This white paper from Privileged Account Management provider CyberArk gives a detailed analysis of the role that compromised privileged accounts play in data breaches.
Excerpt: “The methodology of advanced attacks is ultimately reliant on the exploitation of privileged accounts for groups to move throughout the network and exfiltrate data undetected. Organized or unorganized, political or state sponsored, these groups may have different motivations, tolerance for risk, and willingness to demonstrate persistence, but they all share the one common trait. Privileged accounts are on their critical path to success 100% of the time in every attack, regardless of the threat. Therefore, having increased visibility and actionable intelligence on privileged accounts within an organization’s IT environment greatly increases the ability to successfully detect and disrupt a compromise.”
Best Practices for Privileged Identity Management in the Modern Enterprise
Published By: Centrify
Centrify’s second entry is the most recent release featured on this list and it gives a solid overview of several best practices for Privileged Identity Management in the modern, hybrid enterprise environment. This white paper deftly handles best practices for privileged superuser management across categories not often tackled, such as big data and cloud deployments.
Excerpt: “Data breaches continue to be top of mind for organizations large and small. Two key dynamics are making that challenge much harder — the cloud and the growing sophistication of attackers. In this paper, we explore the modern enterprise — a hybrid organization with infrastructure spread across on-premises data centers as well as hosted in the cloud and one where IT functions are split between internal and 3rd-party administrators. We look at these and related trends impacting our data security and specifically, best practices on how to manage and govern privileged user access to mitigate these risks.”
Avoiding Insider Threats to Enterprise Security
Published By: IBM
This white paper from IBM a different path and approaches Privileged Identity Management from the perspective of the insider threat. This is important—some of the biggest, most disastrous data breaches in history have been caused by malicious insiders, such as the Korean Credit Bureau breach, in which an insider compromised the identities of 40% of all South Koreans.
Excerpt: “In many organizations today, the chief security threat isn’t the external hacker or the careless employee, but the privileged user with access to critical data—the “crown jewels”—of the organization. Systems administrators, database managers, even corporate executives can cause major security breaches and jeopardize the safety of sensitive assets, unwittingly or on purpose. Because of the overarching access of these users, their privileged identities have extraordinary abilities to control and exploit an organization’s data, applications and endpoints. Whether they are accessing data in insecure locations, deliberately exposing or downloading data, or even exposing their credentials to outside hackers, privileged users can wreak havoc on the most secure infrastructure. And if those privileged users aren’t being properly tracked and monitored, there’s no way of knowing what they are up to or which assets are being compromised.
- 17 Cybersecurity Podcasts You Should Listen to in 2020 - January 3, 2019
- What’s Changed: Gartner 2017 Magic Quadrant for Identity Governance and Administration (IGA) - January 28, 2018
- Crossmatch Integrates Keyboard Capture to Identity Management Software - November 27, 2017