Two Fatal Mistakes in Privileged Access Management
April 24, 2020 | Just-in-time-privileges, Remote Access
During this critical hour of the COVID-19 pandemic, global organizations are counting on a work-from-home strategy to maintain business continuity. Because of this unprecedented situation, most organizations did not have enough time to evaluate the security of their IT infrastructure before allowing employees to work as remote users. Even organizations that were already practicing BYOD could not find enough time to reassess the robustness of their remote access security. Even before this episode, organizations with excessive privileges and too many shared accounts faced the same risk. Almost 80% of the security breaches that global organizations face involve the misuse of privileged accounts.
The Double Risks
Shared Accounts: Authenticating multiple users through a single user account is never a smart idea as far as access security is concerned. Employees, contractors, customers, third parties and others have authorized access to the most valuable digital assets of the company on a daily basis in a shared environment. In this context, the organization bears a high risk if their privileged activities are not monitored and managed with the utmost security. In fact, 74% of global data breaches start with unauthorized access to shared accounts (as per Forbes). Even for the savviest IT security team, managing shared accounts involves complexity and huge security risks.
Excessive Privileges: Organizations often require excessive privileges to perform a whole set of tasks. It is normal for admins to allow these privileges, but unfortunately the access rights of these accounts are rarely revoked even after the tasks are accomplished. Ponemon Institute points out that 49% of organizations lack proper policies for assigning new privileged users. In addition, 40% of organizations are not even aware of the number of privileged accounts they have in their network, according to Verizon. Excessive privileges result in a whole set of IT security vulnerabilities that organizations seldom pay attention to, and they eventually suffer data breaches or privilege misuse.
How to mitigate these risks?
A full-blown Privileged Access Management (PAM) solution is the most reliable way to get rid of privileged-access security worries. ARCON | PAM has a host of robust security functionalities that can minimize the risk of malicious insiders performing nefarious activities through shared accounts.
1. Single-Sign-On (SSO) is an authentication process in which one set of login credentials provides access to a host of IT devices. This tool provides one-time access to target systems, which helps avoid sharing crucial credentials with non-admin users. Moreover, it prevents the misuse of privileged rights while implementing the principle of least privilege. Normally, organizations create privileged identities on an ad-hoc basis and the privileged rights are not revoked after the task is accomplished. Hence, it is always recommended that IT administrators refrain from creating new privileged accounts.
2. According to the Gartner Magic Quadrant report for Privileged Access Management, 2018, “By 2022, more than half of enterprises using Privileged Access Management (PAM) tools will emphasize just-in-time privileged access over long-term privileged access, up from less than 20% today.”
Today, privileged accounts are proliferating across every enterprise network globally. This means there is a chance of little or no control over privileged access, rights and permissions. Just-in-time privileges can drastically minimize the access threat surface and reduce risks across the enterprise network. They ensure that the privileged identities with access rights to target systems are limited to exactly what is necessary and nothing more. Privileges are revoked once the task is completed.
3. In addition, administrators can restrict and control privileged users according to their roles and duties with the help of Fine-Grained Access Control. This enables the IT security staff to allow and restrict privileged activities only on a “need-to-know” and “need-to-do” basis. Access to certain critical information is not granted if a privileged user is not entitled to it. These restriction and command-filtering capabilities ensure controlled and authorized access to critical information on target systems and thereby provide the deepest level of security.
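The just-in-time and fine-grained controls in points 2 and 3 can be sketched as follows. This is an added example, not ARCON | PAM code or its API; the role names, command lists, and the `JitBroker` and `Grant` classes are hypothetical. It shows a grant tied to a named user that expires or is revoked, a per-role command allow-list, and an audit record for every decision.

```python
import shlex
import time
from dataclasses import dataclass

# Hypothetical roles and the command names each may run ("need-to-do").
ROLE_COMMANDS = {"db-operator": {"systemctl", "pg_dump"},
                 "log-reader": {"tail", "grep"}}
SHELL_META = set(";|&`$><\n")  # refuse chaining/redirection outright

@dataclass
class Grant:
    user: str
    role: str
    target: str
    expires_at: float
    revoked: bool = False

class JitBroker:
    """Time-boxed grants plus per-role command filtering, with an audit trail."""
    def __init__(self, clock=time.time):
        self.clock = clock          # injectable so expiry can be tested
        self.grants = []
        self.audit = []             # (time, user, target, command, decision)

    def request(self, user, role, target, ttl_seconds):
        if role not in ROLE_COMMANDS:
            raise ValueError(f"unknown role: {role}")
        grant = Grant(user, role, target, self.clock() + ttl_seconds)
        self.grants.append(grant)
        return grant

    def revoke(self, grant):
        grant.revoked = True        # task done: privilege ends before the TTL

    def authorize(self, user, target, command_line):
        now = self.clock()
        try:
            argv = shlex.split(command_line)
        except ValueError:          # unbalanced quotes: treat as unparseable
            argv = []
        allowed = bool(argv) and not (SHELL_META & set(command_line)) and any(
            not g.revoked and now < g.expires_at
            and g.user == user and g.target == target
            and argv[0] in ROLE_COMMANDS[g.role]
            for g in self.grants)
        self.audit.append((now, user, target, command_line,
                           "allow" if allowed else "deny"))
        return allowed
```

Because every grant and audit entry carries an individual user name, the same record that enforces expiry also gives the per-person attribution that a shared account lacks.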
The Bottom Line:
Eliminating excessive privileges is always a daunting task. Hence, it is wise to create privileges only when they are required, with a concrete tracking mechanism. Also, too many shared accounts draw a lot of unwanted activity, which should be avoided at any cost to maintain a secure environment. This is imperative all year round and should be even more stringent during this COVID-19 crisis.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables monitoring of end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Endpoint Privilege Management mitigates risks arising out of endpoints. ARCON | Secure Compliance Management is a vulnerability assessment tool.