Like many of you, I have followed the news associated with the WikiLeaks publication of the CIA’s hacking handbook. Last week it was revealed that there is a vulnerability in more than 300 models of Cisco routers that allows unauthenticated access to the devices. When things like this are picked up by the mainstream media, IT professionals all over the world are immediately on the hot seat. Someone comes running and asking the ever-common question, “Are we vulnerable?” Now hopefully, since it turns out that this vulnerability is in the Telnet protocol, this time you could quickly answer, “Telnet? We haven’t used that in a decade.” But once again, this highlights the underlying security issues with which IT and security professionals must deal.
With any network device, workstation, server and more, comes the need to manage the accounts with administrative access to these devices. In this case, you didn’t even need a username and password, but in many others, the credentials themselves are the vulnerability. Using a privileged access management solution, you can protect the credentials (“privileges”) needed to log in, and the ability (“access”) to connect. Ideally, the best solution is one that helps with both.
If you implement an enterprise password manager, often called a password vault, to protect privileged credentials you have only solved half the problem. As seen with the Cisco vulnerability, no credentials were needed to gain access. Also, if you only control the access, but not the credentials, you put yourself at risk of credential theft, misuse, and abuse. With Bomgar’s secure access solutions, you can protect both privileged accounts and privileged access, otherwise known as Privileged Access Management. Bomgar offers the most robust connectivity product in the market and a secure way to store and manage your privileged credentials with our Privileged Access Management suite.
Bomgar is also the only vendor who allows you to inject credentials directly from a vault into the access session without ever revealing to the user. Take a minute to check out a quick video demo of credential injection or read more about Bomgar Privileged Access and Bomgar Vault.