Privileged Access Misuse: Four common mistakes firms make
April 27, 2017 | Critical Accounts, Authentication
Any modern-day enterprise’s information systems setup is not static. It grows as business expands. And as business goes through a transition period amidst rising amount of workloads shifting to cloud, the administrative accounts – logon credentials with elevated permission to access servers, critical data bases, and applications—also multiply.
Organizations risks data breach lest privileged accounts are not secured from possible misuse, particularly at a time when administrative accounts get operated by multiple users, which includes third-party service providers.
Here are the four common mistakes that organizations make as to safeguarding privileged accounts.
1. Failure to itemize critical accounts
it’s one of the most common mistakes. Organizations often are completely oblivious or pay a very attention to the number of privileged accounts that exist within their IT ecosystem. If firms fail to secure these identities, compromised corporate insiders or organized cyber criminals can easily exploit the security gaps to steal the data by gaining unauthorized access into the system. An itemized list of privileged accounts would help better organize the complex IT setup.
2. Ambiguity over who will administer privileged accounts
Just compiling a list of privileged accounts is not sufficient. Organizations should clearly define who will be administrating these accounts, including their roles and responsibilities. Again, authorizing someone with privileged access does not mean that a privileged user can access all the underlying components.
3. No clear outline on how to use privileged sessions
There is a complete absence of policy, which defines when a privileged session could be undertaken (time-bound access) along with other common mistake such as lack of dual-control authorization and passwords rotations.
4. Absence of multi factor authentication
In this age, where organization’s digital assets risk persistent threats from malware, botnets, phishing, and possible privilege access misuse from compromised insiders, no amount of network security will ensure safety for your highly sensitive information. A multi-factor access authentication is a must. A privileged user should only be able to access IT systems after giving randomly generated token or one-time-password (OTP), in addition to privileged credentials.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behavior Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.
Need a solution for safeguarding critical IT assets? Please contact us