January 12, 2018 By Rick M Robinson 2 min read

User access credentials are prime targets for cyberthieves. Phishing and other social engineering attacks are all about obtaining access, and the advice you read about strong passwords and two-factor authentication is all about preventing bad actors from gaining access to your organization’s network.

But all user access is not created equal. What attackers really want is privileged access, such as administrator status. This access is what gives fraudsters the keys to the kingdom, which makes privileged identity management (PIM) a critical key to security. Unfortunately, according to recent data, organizations are not doing a good job of safeguarding these credentials.

Leaving the Keys in the Ignition

A study by One Identity revealed almost laughably bad practices regarding privileged access management. Nearly 1 in 5 organizations (18 percent) use paper logs to manage privileged credentials, while more than one-third (36 percent) rely on spreadsheets.

It gets worse: The vast majority (86 percent) of survey respondents indicated that they do not update privileged account passwords after using those accounts. Additionally, 40 percent said they leave default admin passwords for systems and infrastructure unchanged from the factory settings. For cyberthieves, this is roughly the equivalent to leaving your car with the keys in the ignition.

Keeping Sensitive Data Out of the Wrong Hands

Infosec Island noted that “the most severe breaches inevitably stem from powerful credentials (typically those logins used for administration) falling into the wrong hands.” The article detailed the key principles of privileged access management and outlined several things that organizations should be doing to keep credentials out of fraudsters’ hands, including:

  • Eliminating sharing of privileged credentials;
  • Holding individuals accountable for safeguarding these credentials;
  • Following a least privilege model for daily operations; and
  • Auditing the use of privileged credentials.

It’s important to note that the overwhelming majority of your users neither want nor need privileged access. In fact, most users don’t even know that administrator credentials and similar privileged accounts exist, let alone how to use them.

Your employees and other authorized users hate being barred from accessing websites and being prompted to come up with strong passwords. However, they normally don’t mind being denied privileged access because the last thing they want to do is mess with the system technically — they are happy to leave that stuff to IT.

Privileged Access Management Is Key to Robust Security

This is not to say that properly handling privileged access management is easy or free. Doing it right means taking time to think about how privileged access is handled. Large or complex networks might require a significant investment in tools to handle the mechanics and provide an audit trail, but improving privileged access management is one of the most critical steps organizations should take to minimize the risk of a serious, costly data breach.

Learn more about Privileged Account Management

More from Identity & Access

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today