Your security infrastructure is there to protect your organization from malicious threats. That much is obvious, but what happens when a user’s credentials are compromised and threat actors access your systems? This could expose your company to a data breach and all the reputational damage, operational downtime and financial costs that come with it.
But all access is not created equal. What would happen to your organization if one of your privileged users had their identity compromised? Privileged account management (PAM) helps protect against the most dangerous data breaches because it enables you to closely monitor your most sensitive accounts.
Protecting Your Privileged Users Is Paramount
The majority of security breaches involve the compromise of user and privileged accounts via attack vectors such as phishing, malware and other means. Once the attacker establishes a foothold in the network, the next step is to find and hijack a privileged account, enabling the actor to move laterally across the network while appearing as a legitimate user.
At this point, the malicious activity can begin. Attackers often search compromised networks for valuable data such as personally identifiable information (PII), intellectual property and financial data. Such sensitive information enables threat actors to commit financial fraud as well as other crimes.
The bottom line is that protecting critical data means protecting your most valuable users. That’s why Gartner recognized privileged account management in its “Top 10 Security Projects for 2019,” along with detection and response, cloud security posture management, business email compromise, and more. The research firm also placed PAM on its 2018 list.
Further demonstrating the criticality of PAM is a Centrify survey that revealed 74 percent of data breaches involve unauthorized access to a privileged account. If privileged access is the most fruitful point of attack for cybercriminals, why are so many companies still not taking even basic steps to prevent this abuse?
Tackle Privileged Abuse With the Zero Trust Model
If you’re looking to tackle privileged abuse once and for all, you should consider adopting a zero trust strategy. According to Forbes, applying an approach of “never trust, always verify” can help grow digital business models. To implement a zero trust architecture, you must adopt a strategy built around constant verification. This means creating an environment in which all access is cut off until the network knows who is attempting to access it.
Since cybercriminals target privileged users, consider abandoning the traditional castle-and-moat approach and limit the user’s ability to move through internal systems once they have initially accessed the network. Default connections within your network are a key point of failure that malicious agents are constantly trying to exploit.
Traditional firewalls act as a barrier between internal and external activity. To move to a zero trust environment, you must create a more granular perimeter around individually segmented applications, databases and other key pieces of your infrastructure.
The first step is to define your strategy, not your technology. Decide how you want to proceed, examine how you can apply this to your organization’s infrastructure and then look for the right tools to execute that approach.
It’s all about building a system that can protect the most valuable users and systems within your organization. Understand that your privileged users are also the ones that make your company the most vulnerable — that is, if you don’t mitigate those risks by monitoring these accounts differently. Creating a verification-centric security system for these users is one way to reduce the biggest risks.
Register for the webinar to learn more
Digital Marketing Manager, IBM Europe
Digital Marketing Manager for IBM Europe. I have written blogs in IBM on the bluemix blog, developerworks, big data hub. Also worked on white papers and podc...