PREDI C TI VE I NTEL L I GE NC E
PAM will help stop a threat actor from acting
on some of the lowest hanging fruit within
your organisation – poor password and
credential management.
and known risks before it is allowed
to interact with the user, data, network
and operating system.
Privileged access management should
not only be considered for new projects
and legacy systems to stop privileged
attack vectors. It should be considered
for forensics and remediation control
after an incident or breach. PAM will
www.intelligentciso.com
|
Issue 11
help stop a threat actor from acting on
some of the lowest hanging fruit within
your organisation – poor password and
credential management.
As a security best practice, privileged
access should always be limited. When
a threat actor gains administrator or
root credentials, they do have the keys
to your kingdom. The goal is stop them
from obtaining them and ‘re-keying’ the
accounts via passwords on a frequent
basis, so even if they steal a password,
their usage can be limited and monitored
for potential abuse. Therefore, after an
incident or breach, this helps ensure
that any lingering persistent presence
can be mitigated and represents a
valuable methodology in the clean-up and
sustainment process. u
35