Network Communications News (NCN) NCN-Sept2017 - Page 17

HOT TOPIC There are steps any organization can take to address the 5 Deadly Sins of Privileged Access Management: D eploy enterprise password management globally across all data centers, virtual and cloud. A centralised password management solution that includes built-in session monitoring will ensure that both important capabilities are met with strong workflow and ease of use. R emove local admin rights from all Windows and MacOS end users immediately. A massive 94% of Microsoft system vulnerabilities in 2016 can be attributed to users with admin rights. Once all users are standard users, IT teams can elevate a user’s access to specific applications to per form whatever action is necessary as part of their role without elevating the entire user on the machine. P rioritise and patch vulnerabilities. Better prioritisation and patching of vulnerabilities provides IT with better insight into whether to delegate privileges to an asset or application. The result is better intelligence and less risk of unknowns. R eplace Sudo for complete protection of Unix/Linux servers. With pressure on budgets, organisations may have to use Sudo, but it doesn’t offer the industrial-strength capabilities that today’s security needs. U nify privileged access management – on-premise, in the cloud – into a single console for management, policy, repor ting and analytics. As organisations race to adopt SaaS/PaaS/IaaS to keep pace with business demands, IT must provide the same level of protection to cloud-based systems as for on-premise systems. This includes capabilities such as enabling automation for DevOps; finding, grouping and scanning cloud assets; protecting vir tual and cloud management consoles and instances; using a cloud access ser vice broker to enable third-par ty access; and per forming vulnerability assessments for hybrid and public cloud infrastructures. THE 5 DEADLY SINS Privileged Access Management of Security experts have outlined the best practices for privileged access management for years in an effort to reduce problems associated with the abuse of privileged credentials. Despite this, IT organizations continue to struggle. BeyondTrust decided to explore this issue with our annual Privileged Access Management survey. Aspects of privileged access management IT find important What keeps IT awake at night? Misuse of personally identifiable information Downtime of computing systems Privileged account management Loss of intellectual property Privileged session management Privilege elevation management Enterprises continue to struggle despite their motivation to protect enterprise information APATHY: Not deploying privileged password management Organizations believe the threat is high for: 79 % Sharing passwords 22 % 76 % Using default passwords GREED: Too many holdout admin users 75 % High Threat Level