Privileged accounts are those within an organization's IT infrastructure that have more power than ordinary user accounts. Examples of privileged accounts might include Windows Administrator accounts, and accounts associated with router access. Such accounts are necessary for keeping IT processes running smoothly, and they are required in emergency situations as well. As you may imagine, access management for privileged accounts is extremely important.
To hackers, access to a single privileged account is better than access to multiple end-user accounts.
Yet, one 2016 survey found that 20% of organizations haven't even changed the default passwords on their privileged account, despite the fact that the overwhelming majority consider privileged access management a top priority. Many organizations allow privileged accounts and their passwords to be shared, and more than one-third of them use the same security for privileged accounts as they do for standard account access. Are the privileged accounts in your organization at risk?
Hackers Often Target Privileged Accounts
If a hacker has the opportunity to access a regular end-user account or a privileged account, he's going to target the privileged account, because these accounts allow users to exploit just about any part of a network, including sensitive or confidential information. At the same time, most organizations don't require approval for creation of new privileged accounts, and about half don't regularly audit privileged account access activity. The fact that a large chunk of organizations must demonstrate privileged account access management to remain in compliance with government regulations makes this particularly worrisome.
Why Privileged Accounts Are Difficult to Secure
Ironically, privileged accounts can be tougher to secure than ordinary user accounts. Rather than being associated one-to-one with a specific user, privileged accounts are often shared by multiple administrators. What happens when one administrator is fired and those left behind don't bother changing privileged account access credentials? The risks can be enormous.
Every organization with privileged accounts must have a system for privileged account access management to mitigate risks. This should include a policy that spells out specific steps that will be taken if one administrator leaves the company to avoid the possibility of a disgruntled former worker wreaking havoc.
Education of those with Privileged Account Access Is Critical
Those with access to privileged accounts must understand why access management is essential.
Strong access management for privileged accounts is important, of course, but also important is continued training and education of the people who have access to these accounts. Administrators must understand that they're not allowed to abuse access rights, and that if they do, they will face specific consequences.
Suppose a customer support supervisor, with access to personal customer data, decides to look up an ex-spouse's customer account in hopes of leveraging the information found there. The potential for abuse and misuse of data is significant. Keeping access management strong is important, but so is making sure everyone knows why access management is administered the way it is.
Identity Management and Privileged Account Access
Some access management products incorporate privileged account management, and this can be a smart way to approach the issue. For one thing, it allows the provisioning system to make real-time changes to who can gain access to accounts should the need arise. In the event of an administrator being fired, for instance, this can be the only prudent thing to do.
This type of access management can incorporate rules that prevent administrator access from being extended inadvertently. Suppose a system administrator moves from one company branch to another. The access management system can ensure that she can no longer access the accounts associated with her old location.
Examples of identity management solutions that incorporate tools for managing privileged account access include Oracle Management Suite Plus, Microsoft Enterprise Mobility, CA Technologies CloudMinder, and Okta. If you outsource identity management and access management, your provider can discuss which specific software solution makes the most sense for your requirements.
Access management must evolve continually to keep up with new threats, and CIOs and other executives must understand the importance of creating strong security around privileged accounts. Compromise of a user account is bad enough; compromise of a privileged account can cause damage on a much greater scale. Contact us today to discuss ways to protect your privileged accounts.
What are some identity management problems or issues your organization faces? Let us know your thoughts in the Comments box below.
And to follow-through on the tips introduced in this short article, be sure to download your free Financial Services CIO Guide to IT Security and Identity Management.