If you’re at all familiar with Information Security, you know that Identity and Access Management (IAM), the access controls that define specific sets of privileges linked to individuals, is a fundamental security practice. However, these same principles are rarely applied to the most sensitive access of all: high-privilege administrative accounts that have massive control over business-critical IT functions.
High-privilege access may be the most sensitive aspect of IT. Administrative accounts have the ability to make sweeping and fundamental changes to IT systems on which the business may depend. If misused, these capabilities can cause massive damage, from security threats and compliance violations to incidents that tarnish the reputation of the business itself.
Skills Plus Access Equals Target
As they are often the most technically skilled users in an IT organization, privileged account holders can be responsible for vital day-to-day functions of your business, and may even have technical ownership of crucial business applications. The privileged user’s ability to manipulate high-business-value IT systems makes them an important part of your team, but that ability also marks them as a target for outside threats.
If malicious attackers are able to abuse privileged accounts with administrative access, they can do much more serious damage to the target business than with ordinary accounts. With administrative access, an intruder can move laterally through your business, with the ability to affect business-critical applications and infrastructure. Take away that access, and you remove the intruder’s ability to move.
The Insider Threat
Attacks from malicious outsiders aren’t the only thing that makes unmanaged privileged accounts a risky endeavor. Some of the largest, most impactful data breaches of all time have been carried out by insiders with access to administrative accounts.
For example, the breach of the South Korean Credit Bureau—widely considered one of the most impactful data breaches of the past decade—was carried out by an insider with administrative access. The thief made off with millions of social security numbers, phone numbers, credit card numbers, names, and physical addresses, eventually compromising the identities of over 40% of all South Koreans.
Another well-known example is that of Edward Snowden, an NSA contractor with administrative account access who caused one of the largest leaks of classified information in United States history.
Addressing the Threat
To address these threats, organizations must improve the management of privileged access accounts, limit the amount of data system administrators can access and restrict some of their activities on the network. Enter the Privileged Access Management (PAM) solution.
PAM, the monitoring and protection of super user accounts, is one of the most important aspects of Identity and Access Management, and cyber security writ large, today. With a PAM solution in place, an organization can dramatically reduce the risks discussed above.
To learn more about PAM, its benefits, and its functions, I recommend checking out Enterprise Management Associates’ whitepaper “Three Important Reasons for Privilege Access Management (and One Surprising Benefit).”
The white paper, co-sponsored by renowned IAM and PAM provider Centrify, gives readers a full overview of the risks and benefits of high-privilege access, and shows how a privileged access management solution can:
- Ensure comprehensive compliance with mandates, such as the Sarbanes-Oxley Act.
- Maintain business integrity and responsible business processes.
- Tackle security risks, both inside and outside the organization.
- Reduce the ultimate cost of IT operations.