How to Protect Your Organization’s Privileged Accounts

The increase in sophisticated, targeted security threats from both external attackers and malicious insiders has made it extremely difficult for organizations to properly protect critical and sensitive information. The task of protecting these assets has only grown harder as IT environments have become more complex and widely distributed across geographic locations and in the cloud.

At Thycotic, we know that many high-profile breaches have one thing in common: They were accomplished through the compromise of passwords. In many cases, end-user passwords are initially hacked through various social engineering techniques. Then permissions are escalated to gain access to more privileged accounts — the keys to the kingdom. This unauthorized access can easily go undetected for weeks or even months, allowing hackers to see and steal information at their convenience.

Unfortunately, many IT users lack a full understanding of how privileged accounts function, as well as the risks associated with their compromise and misuse. That makes them and their organizations much more vulnerable to potential monetary and reputational damage from increasing threats.

Hacking the Hacker

Privileged account management (PAM) doesn’t have to be an insurmountable challenge. Any organization can control, protect, and secure its privileged accounts (and make the hacker’s job more difficult) with these practical tips:

Steer clear of manual methods for PAM: Too many organizations today still rely on Microsoft Excel spreadsheets to keep track of privileged account passwords and share them among employees. These manual practices are dangerous and inefficient. Automated PAM software solutions can be installed quickly and managed with minimal effort. You save time and money and greatly increase protection from hackers and malicious insiders.

Educate employees: The weakest security link in most organizations is humans. As more sophisticated social engineering and phishing attacks have emerged, companies need to expand their IT security awareness programs beyond simple online tests or signoffs on security policies. As personal mobile devices are increasingly used for business purposes, educating employees on secure behaviors has become imperative.

Discover and automate the management of privileged accounts and SSH (Secure Shell) keys: Use a dedicated PAM software solution. Start by focusing on the most critical and sensitive privileged accounts, then implement continuous discovery to curb privileged account sprawl, identify potential insider abuse, and reveal external threats. This helps ensure full, ongoing visibility of your privileged account landscape, which is crucial to combatting cybersecurity threats.

Limit IT admin access to systems: Limit access through a least-privilege strategy, meaning privileges are only granted when required and approved. Enforce least privilege on end-user workstations by keeping end-users configured to a standard user profile and automatically elevating their privileges to run only approved applications. For IT administrator users, you should control access and implement super user privilege management for Windows and UNIX systems to prevent attackers from running malicious applications, remote access tools, and commands.

Protect privileged account passwords: Proactively manage, monitor, and control privileged account access with password protection software. The solution should automatically discover and store privileged accounts; schedule password rotation; audit, analyze, and manage individual privileged session activity; and monitor password accounts to quickly detect and respond to malicious activity.

Limit privileged and unknown applications: Application accounts need to be inventoried and undergo strict policy enforcement for password strength, account access, and password rotation. Least-privilege and application control solutions enable seamless elevation of approved, trusted, and whitelisted applications while minimizing the risk of running unauthorized applications.

Choose a partner for your PAM solution: Implement a comprehensive PAM solution with a trusted partner to help you control access to systems and sensitive data, comply with policies and regulations, and ultimately make your company safer. Look for software solutions that automate the identification and understanding of risk to your privileged accounts, along with continuous monitoring, recording, and secure storage.
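
To illustrate the discovery tip above, the following added example (not code from Thycotic or any PAM product) inventories privileged accounts and SSH keys from passwd, group and authorized_keys content, then reports what a previous scan did not record. The sample data, the `ADMIN_GROUPS` set and all function names are assumptions made for this example.

```python
import base64, hashlib, re

ADMIN_GROUPS = {"sudo", "wheel"}  # assumption: groups that grant root via sudoers
KEY_RE = re.compile(r'(?:^|\s)((?:ssh|ecdsa|sk)-[\w@.-]+)\s+([A-Za-z0-9+/=]+)(?:\s+(.*))?$')

def privileged_accounts(passwd_text, group_text):
    """Map account name -> reasons it counts as privileged."""
    found = {}
    for line in passwd_text.strip().splitlines():
        name, _, uid = line.split(":")[:3]
        if int(uid) == 0:
            found.setdefault(name, []).append("uid 0")
    for line in group_text.strip().splitlines():
        group, _, _, members = line.split(":")
        if group in ADMIN_GROUPS:
            for member in filter(None, members.split(",")):
                found.setdefault(member, []).append(f"member of {group}")
    return found

def ssh_keys(owner, authorized_keys_text):
    """Return (owner, SHA256 fingerprint, comment, unrestricted) per key line.
    Text before the key type is the options field (from=, command=, ...)."""
    keys = []
    for line in map(str.strip, authorized_keys_text.splitlines()):
        if line.startswith("#") or not (m := KEY_RE.search(line)):
            continue
        digest = hashlib.sha256(base64.b64decode(m.group(2))).digest()
        fingerprint = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
        unrestricted = line[:m.start()].strip() == ""
        keys.append((owner, fingerprint, m.group(3) or "", unrestricted))
    return keys

def new_since(baseline, current):  # continuous discovery: what the last scan lacked
    return sorted(set(current) - set(baseline))

def _blob(label):  # constructed stand-in for a real public-key blob
    return base64.b64encode(label.encode()).decode()

# Constructed sample data, not taken from any real host.
PASSWD = ("root:x:0:0:root:/root:/bin/bash\ntoor:x:0:0::/root:/bin/sh\n"
          "alice:x:1000:1000::/home/alice:/bin/bash\nsvc_backup:x:998:998::/var/lib/backup:/usr/sbin/nologin\n")
GROUP = "sudo:x:27:alice\nwheel:x:10:\nbackup:x:34:svc_backup\n"
AUTH_KEYS = {
    "alice": f"ssh-ed25519 {_blob('alice-laptop')} alice@laptop\n",
    "svc_backup": f'from="10.0.0.5",command="/usr/bin/backup" ssh-rsa {_blob("backup-job")} backup\n'
                  f"ssh-rsa {_blob('unknown')}\n",
}

if __name__ == "__main__":
    print(privileged_accounts(PASSWD, GROUP), [ssh_keys(o, t) for o, t in AUTH_KEYS.items()])
```

In the sample, the second `svc_backup` key has no comment and no `from=`/`command=` restriction, which is the kind of entry a review would follow up on first.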
