Privileged users are probably the greatest threats to your data security. These users literally have keys to your kingdom’s treasury of sensitive customer data and business-critical assets.

Five Steps to Become a Privileged Identity Management Pro

It is extremely important to properly track and monitor these privileged users because they can easily disrupt the most secure infrastructure, either unknowingly or on purpose. Below are five things to consider when planning your privileged identity management strategy.

1. Extend Privileged Account Management to Third-Party Vendors

While most companies recognize the importance of privileged identity management within the enterprise, they tend to ignore the risk that results from third parties accessing their IT systems.

There has been a marked increase in the number of data breaches attributed to third-party vendors. For this reason, you need to extend privileged user management to contractors, outsourced IT and other service providers. This essentially centralizes privileged identity management so you get a single view into the activities related to your privileged accounts.

2. Consider Multifactor Authentication

One of the easiest ways for a cybercriminal to access sensitive data is to use the login information of a privileged user. Using multifactor authentication to secure your privileged accounts will make it more difficult for attackers to leverage those credentials. It will also introduce a level of confidence, since threat actors cannot pretend to be you to gain access to your organization’s crown jewels.

3. Record Privileged Account Activity

You need to enforce and demonstrate compliance with industry regulations such as the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS) and other business policies that protect data privacy and integrity. Recording and storing each privileged user’s session activity can provide clear audit visibility and facilitate forensic research in the event of a security incident.

4. Automate the Management of Shared Passwords

According to the “Centrify State of the Corporate Perimeter Survey Research Report,” 59 percent of IT decision-makers in the U.S. share access credentials with other employees, and 52 percent of IT employees share credentials with contractors at least somewhat often. This is a disturbing situation, especially if these credentials provide access to privileged accounts.

Shared credentials make it extremely difficult, if not impossible, to attribute the actions carried out on a particular account to an individual. IT professionals can help eliminate this anonymity by automating the management of shared passwords and using a credential vault.

5. Know Your Data and Know Your Users

Privileged accounts are the gateways to an organization’s high-value data. For that reason, they are prime targets for external fraudsters and malicious insiders alike. Abnormal activity involving this data is often the first observable indicator that an attack is in progress. It is extremely important for your data security and privileged identity management solution to talk to each other so you know what data is being accessed by a privileged user at any particular time.

What Do You Think?

If you want to know more about the typical problems your peers face in managing privileged accounts and the steps you need to take to overcome them, download our white paper, “Protect Your Organization From the People You Trust.”

More from Identity & Access

Kronos Malware Reemerges with Increased Functionality

The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos is typically used to download other malware and has historically been used by threat actors to deliver different types of malware to victims. After remaining…

An IBM Hacker Breaks Down High-Profile Attacks

On September 19, 2022, an 18-year-old cyberattacker known as "teapotuberhacker" (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then posted those videos on the fan website Gamers got an unsanctioned sneak peek of game footage, characters, plot points and other critical details. It was a game developer's worst nightmare. In addition, the malicious actor claimed responsibility for a…

What is the Future of Password Managers?

In November 2022, LastPass had its second security breach in four months. Although company CEO Karim Toubba assured customers they had nothing to worry about, the incident didn’t inspire confidence in the world’s leading password manager application. Password managers have one vital job: keep your sensitive login credentials secret, so your accounts remain secure. When hackers compromise these software applications, the entire industry of identity and access management (IAM) takes notice. As an alliance of tech giants leads a global push…

Beware of What Is Lurking in the Shadows of Your IT

This post was written with contributions from Joseph Lozowski. Comprehensive incident preparedness requires building out and testing response plans that consider the possibility that threats will bypass all security protections. An example of a threat vector that can bypass security protections is “shadow IT” and it is one that organizations must prepare for. Shadow IT is the use of any hardware or software operating within an enterprise without the knowledge or permission of IT or Security. IBM Security X-Force responds…