In a world where data is a company’s most valuable asset, many businesses understand the need to keep an eye on the access rights of their employees. However, some roles, such as those found in IT teams, DevOps teams, and C-level executives, require more access to the inner workings of a company than most employees.
Managing their access rights is far more challenging as they have access to most of the systems, applications and technologies within an organisation. This means that they have sufficient privileges to potentially cause harm by manipulating data, destroying important services or stealing intellectual property. Even if they are not malicious insiders, privileged users pose a higher security risk if a cyber criminal gets hold of their passwords.
For example, many privileged accounts can be shared between several IT admins. Removing these accounts is not a viable option, and the process of changing passwords for such accounts can be arduous. In addition, it’s difficult for security teams to see exactly how many accounts an administrator has access to — it could be hundreds. Removing or securing all these credentials manually requires a significant investment in time and resources.
Should an admin leave the company, blocking them from accessing privileged accounts can be a headache, and the security team must still determine which accounts were accessed the last time the administrator logged in and what activity he or she conducted.
To gain this visibility, companies must invest in a centralised monitoring solution that analyses activity on all systems and applications, or a session-recording solution that records all the administrator’s activities when using privileged accounts. Unfortunately, both options require manual activities.
Privileged Access Management (PAM) solutions have done away with the need for the time consuming manual tasks, governing the access of critical and non-critical information inside networks, as well as managing, reporting and creating rules for this type of access.
At its Security and Risk Management Summit in June, Gartner laid out the top 10 security projects that chief information security officers (CISOs) should concentrate on in 2018, with PAM being first. The main reason for this is the sharp increase in cyber attacks across the world. While looking for a way into an organisation’s network, hackers often look for vulnerable users with administrative privileges. Any hacker who lands on an unused privileged account can gain access to pretty much everything that the account owner has access to. This is why privileged user accounts are considered the “keys to the kingdom”.
According to Verizon’s 2018 Data Breach Investigation Report, of the 2 216 confirmed data breaches in 2017, 201 were due to privilege abuse. A statistic like that should highlight the importance of not only protecting privileged accounts, but also recording and monitoring privileged sessions to stay vigilant and detect unusual access. By providing the visibility companies need to monitor their most sensitive accounts and databases, PAM ensures a business is not an easy target.