How multiple IT set-up layers compromise privileged accounts?
February 14, 2017 | Root Accounts, Administrative Logins
In this digital age, data is the most valued asset for organizations. What we observe today is a quantum leap forward in the way organizations collate and manage data to comprehend business and market patterns, trends, and unfamiliar correlations through big data analytics and artificial intelligence.
But as information technology transforms our day-to-day activities, our vulnerability to data breach has also increased amidst a rising number ofcyber crimes, premeditated by compromised insiders and external organized cyber crooks.
Securing privileged identities, login accounts with highly elevated permission to access enterprise’s critical data—invariably remains one of the biggest targets for cyber criminals and compromised insiders.
Let us try to understand how an enterprise’s privileged identities/accountsbecome vulnerable.
In the current scenario, an enterprise’s IT infrastructure is structured in multiple layers of devices and applications both in the premises and virtual set-up. There are many reasons why firms prefer multiple IT layers. Firstly, it allows flexibility in managing vendors and OEMs, which in turn, leads to better operational management as IT personnel can assign separate teams for overseeing each layer. Besides, multiple IT layers also avert total system failure as there is no single point of failure.
However, managing several IT layers come with a share of risks.
You see, each installation of device and application, results in a separate administrative account. For instance, an enterprise manage administrative logins for several operating systems. Further, there is root and administrator accounts in a shared file system and network layers. Enterprises, typically from the retail and banking and finance industry, have highly privilege service and process accounts on the application and database layers.
In a nutshell, those accounts with elevated authority to access critical information proliferate with a growing number of IT layers. Typically, a mid-size firm manage 1000 devices or more with an average 100 privileged accounts in a given IT ecosystem.
That means, as organization’s IT setup expands, it has to manage multitude of sys¬tems that need to be monitored sep¬arately, i.e., the administrative logins don’t get misconfigured or shared; instances are not published with default logins that can be looked up in the device’s user manual; and other wide-ranging security practices that should be followed for credentials and access rights.
If an attacker succeeds in breaching a small subset of vulnerable administrative accounts, the installed system in question can get compromised without leaving any hint until it’s too late.
Integrating advanced automated software like Privileged Access Management (PAM) / Privileged Identity Management (PIM) in IT systems can safeguard our digital assets though. PAM allows IT security personnel to continuously monitor and block any unusual activities going around highly vulnerable privileged credentials.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behavior Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.
Need a solution for safeguarding critical IT assets? Please contact us