Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Are Your Data Security Efforts Focused in the Right Area?

January 28, 2015

  • Blog
  • Archive
Internet Security Vormetric Data Security recently released an insider threat report, with research conducted by HarrisPoll and analyzed by Ovum. Based on the survey responses, it is apparent that there is still a great deal of insecurity over data. However, the results also show that there may be misplaced investments to address those insecurities. I will explain this position while reviewing the conclusions from the report, and identify some best practices to avoid becoming the next security breach headline. First, let’s look at the data. When asked about who posed the biggest internal threat to corporate data, 55% of respondents to the Vormetric study said privileged users. Correspondingly, half of organizations have deployed privileged account management technology. The survey results also indicated that 56% of respondents would be looking to increase their security spend to deal with insider threats next year. But here’s where things get weird. According to the results of the study, the leading categories where organizations plan to increase security spend during the next 12 months were: Network defenses (52%), Endpoint, Mobile device protection (50%), and so on. Wait a sec. If we agree that preventing a data breach incident is a top security spending driver (and the report says it is), and we also agree that the biggest threat to corporate data is privileged users (and the report says it is), where in this list was investment in privileged account management? And why do only half of companies deploy privileged account management technology? I would argue that to address the issue of insider threats to data companies are investing in the wrong areas. Here is a set of five best practices to get you on the road to better privileged account management to better protect access to data. Secure the last mile without frustrating end users Your user’s desktop and laptop systems are a significant attack surface, and generally the last mile of security. Start with enforcing least privilege on endpoints. Removing local admin can help to reduce as many as 80% of system vulnerabilities. Look for critical capabilities around risk compliance, session and file integrity monitoring to protect access to data, and elevating privileges by application and not by user so you can better control who can do what with their rights. Lock down access to tier 1 systems I would guarantee that you have tier 1 business-critical systems running on UNIX or Linux, and if you are like many companies there are few controls over privileged delegation to those systems. Traditional responses to this problem have been inefficient and incomplete (such as native OS options) or not secure enough (such as sudo). Delegating UNIX, Linux and Mac privileges and authorization without disclosing passwords for root or other accounts is essential, as is recording all privileged sessions for audits, including keystroke information. To go the next step, integrate UNIX, Linux and Mac systems into Active Directory for centralized authentication, single sign-on and Group Policy extensions for centralized configuration management. Take control of passwords The problem of shared credentials has significant scale and risks, from embedded or hardcoded passwords, application-to-application and application to database access, and inconsistent rotation. Where privileged password management deployments often fail is in not considering all of these scenarios. Deploying a single, hardened, appliance-based solution with broad platform support and functionality, discovering and profiling to give greater control, monitoring sessions with full playback, and using standard desktop tools for session management are best practices to achieving control and accountability over privileged passwords. Establish a baseline and audit ongoing user activity Can you answer the “who, what, when and where” behind changes to critical systems? If you haven’t established a permissions baseline and are not able to centrally audit changes over time, you are missing a critical step in controlling privileged access. Report on risk Since a privilege problem tends to involve more than one department in the organization, how well are you able to satisfy the reporting, auditing and management needs of multiple stakeholders from operations to security to compliance? Providing security and IT operations teams a single view of all assets and user activity reduces risks while helping to maximize the value of existing security investments. Through a more programmatic approach to privileged account management – covering every scenario – providing deep analytics and extending insights out beyond privilege, you will have stronger controls in place to protect your most valuable asset – your data. Invest here first.

Scott Lang, Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

A Zero Trust Approach to Secure Access

Webcasts

Rising CISOs: Ransomware, Cyber Extortion, Cloud Compromise, oh my!

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.