With the alarming number of cyber security breaches that have made the news over the last couple of years, there are reasons to be concerned. From the WannaCry virus to the Equifax hack, you definitely want to make sure that you have the proper measures in place in the event that your system is compromised. If your company is unfortunate enough to have suffered a breach, or even a natural disaster, your customers are going to be less confident and trusting of your abilities to safeguard their data. It is possible to have suffered a security breach and not even know it, and the public is very aware of this. It is also possible that a disaster will occur, and you will be required to bring your systems and network up as quickly as possible so that your business can resume its normal operations.
The more complex technology becomes, the more vulnerabilities it has. Even if you have continuous maintenance on your systems, updating them as soon as patches and updates are available, your systems are still vulnerable to malicious hackers. Your systems are far more secure than servers and networks that are not kept current, but that doesn’t mean your systems are impenetrable. Continuous monitoring is one of the best ways to detect a malicious user early in an attack. From administrative accounts to attachments, there are a lot of things on your system that malicious hackers can use against your system. Monitoring access to different areas and documents can give you a way of tracking potential issues before they become serious breaches.
Keeping your network completely secure is an incredibly difficult task and not one you are likely to accomplish because there will always be at least one vulnerability. However, the number of businesses that leave risky vulnerabilities open and accessible to malicious hackers is rather astonishing. One of the greatest of these risks is the administrative account, commonly called the admin account. While it used to be a necessary risk, that ceased to be true some time ago, yet so many companies still hold on to the old practices.
Admin accounts have been around for decades because they have been viewed largely as a benefit to the company, despite all of the inherent risks associated with them. As technology continues to evolve at an incredibly rapid pace, it has become essential that businesses ensure there is continuous inventorying of these accounts to protect the data that can be accessed through the admin accounts. The initial purpose of these accounts was to provide access to a lot of different areas based on a single login, or in some cases a few predetermined logins. This avoided having to create IT accounts that were highly specialized based on the user’s role.
Remediant Founder, Tim Keeler, joins Risky.Biz on April 4, 2018 to walk through some of the challenges of managing privileged access in DevOps environments and also to talk a bit about some of the challenges around single sign-on and privilege management.
Remediant is working with NIST in the National Cybersecurity Center of Excellence Privileged Account Management for the Financial Services Sector Use Case Consortium to develop practical, interoperable cybersecurity approaches that address the real-world needs of complex Information Technology (IT) systems. By accelerating the dissemination and use of these integrated tools and technologies for protecting IT assets, the NCCoE will enhance trust in U.S. IT communications, data, and storage systems; reduce the risk for companies and individuals using IT systems; and encourage the development of innovative, job-creating cybersecurity products and services. NIST does not evaluate commercial products under this Consortium and does not endorse any product or service used. Additional information on this Consortium can be found at: https://nccoe.nist.gov/project