Privileged account attacks continue to rise – why wouldn’t they when they hold the keys to the kingdom of your data? Privileged identities offer the perfect roadmap to business systems, while at the same time making an attacker’s detection more difficult.
Once into the network, privileged identities can be used to turn off security controls, increase privileges and deliver immense damage.
The essence of privileged access is to provide authorised users with the company’s most confidential credentials. It’s all too easy to be complacent about not storing credentials securely, or not changing passwords frequently enough, but the end result of both actions is assured – namely, credential theft followed by cyber attack.
So, what is the holy grail for cyber security criminals? The answer to that is in short – unfettered access to the network. Once the fox is inside the henhouse, it is open season on data.
Privilege escalation is identified as one of the main objectives of an attacker in any breach. The challenges businesses face include:
- Third-parties with access to systems originating from sources outside of the security controls.
- The ever-increasing attack surface due to SaaS systems.
- Staff working remotely.
In the face of potential financial penalties – already being levied by the Information Regulator of South Africa against businesses that suffer data breaches − you might want to ask some questions around this issue.
For example:
- How many privileged accounts are there in your environment? Historically, cyber security has been dominated by a siloed approach with isolated products deployed across networks, with networking and security existing as separate entities. This fragmented methodology has been shown to induce significant vulnerabilities, forcing companies to attempt to cobble disparate point solutions together and subsequently increasing complexity and hindering visibility.
- Is the company struggling with visibility and the auditing of privileged account use?
- How does the organisation stack up in terms of meeting regulatory requirements or cyber insurance mandates for privileged access controls? Remember, in terms of insurance, companies that are not compliant will be in breach of policy terms and conditions, and as such, uninsured.
- Are third-parties accessing business-critical systems from locations outside the firm’s control?
- How many critical systems are there in the environment?
So, who do you trust? In a word: ‘nobody’.
When it comes to information technology today, every debate or published article around it brings in artificial intelligence (AI) to the extent that it seems impossible to address it without mentioning AI – one is now intrinsic to the other.
The same goes for any discussion around cyber security – zero-trust is the only approach to take. It’s no longer safe to assume just because a device is connected to the network that it should have access to everything – solutions that continually verify who and what is tapping into and using resources must be deployed.
Internet of things (IOT) and endpoint devices need to be identified and secured. If implementing a PAM managed service strategy, IT teams will have full visibility into and control over what’s connected to the network.
Privilege escalation is identified as one of the main objectives of an attacker in any breach.
COVID came and went but left indelible changes to the way we do business. Remote working has exponentially expanded the attack surface.
IOT devices continue to flood networks and operational environments, making continuous verification of both crucial as they access corporate applications and data.
To protect networks and applications, administrators must implement a zero-trust access approach and provide the least number of access privileges. Implementing zero-trust access includes requiring strong authentication capabilities, powerful network access control tools and pervasive application access policies.
Applying the zero-trust security model to application access makes it possible for businesses to move away from the use of traditional virtual private networks that historically provided unrestricted access.
Zero-trust network access solutions grant access on a per-session basis to individual applications only after devices and users are verified. This policy is also applied when users are on the network, which provides the same zero-trust model no matter where the user is located.
Critical assets and privileged accounts must be securely accessed if companies are to protect their environment and be legislatively compliant.
For many businesses, the most cost-effective way of achieving this is through a fully-managed PAM service, where privileged and third-party users are relieved of the burden of securing access, compliance issues, changing passwords sufficiently often, etc, and are free to get on with the business at hand.
Moreover, a managed service will ensure businesses meet their cyber insurance requirements for privileged access control and management.
Share