Context is King, Even When Things Go Badly

December 8, 2015


As anyone who has worked in IT for some time will tell you, there are moments when things just hit the fan, for all sorts of unexpected reasons. Systems will shut down, services will stop, CPU or memory utilization will render systems or apps unusable, rabid gangs of squirrels take over the data center…all totally normal. OK, maybe not the systems shutting down, that would be abnormal, of course. The point is: what do you do? What emergency procedures do you institute to get things up and running again in a timely fashion, minimizing the impact to the business while still following established protocol?

The problem is this: we often don’t have much in the way of real protocol when it comes to emergency and incident scenarios. Things go south on us, we react, and most of the time people are focused exclusively on just getting things running again as they should be. Is that such a bad strategy? On the one hand, this strategy is perfectly sound. Keeping things running is always job number one for people who work in IT operations. However, the way we handle administrative access to systems during emergency scenarios often leaves a lot to be desired, and in some cases may even expose us to entirely new channels of risk that we didn’t face before.

By now, most organizations are coming to realize that privileged accounts and access to systems and applications deserve attention, and this may even be mandated by compliance requirements. The usual first steps to curbing admin access include gathering an inventory of privileged accounts, using lower-privilege accounts to conduct day-to-day tasks, and restricting (or at least reducing) the use of default privileged accounts such as local Administrators on Windows and “root” on Linux.

However, some of these measures can go entirely out the window when emergencies or incidents occur. Often, the local privileged accounts get used for system access, ideally with a “break glass” password that has been set aside in escrow for such scenarios. While this is not a great practice, it works in a pinch, and most teams are comfortable with this idea for extenuating circumstances. However, one crucial factor that often gets left out of the equation is CONTEXT. Where is the admin logging in from? What time of day is it? What system is being used to initiate the access?

These are important things to consider, and they should play a role in how privileged access is granted and managed, including monitoring of all activities the admin performs while logged in. Ideally, a password will be “checked out” from a secure, random one-time password generation platform for these situations, but that platform should also be smart enough to apply granular policies to the emergency account based on the contextual factors in play. Without context, admin access could be granted from unsafe locations or to unapproved systems or accounts, opening the door to attackers or other malicious activity.
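To make the three context questions concrete, here is a small policy check for a break-glass password checkout. It is an added illustration, not code from BeyondTrust or any product; the policy fields, host names, networks, and decision labels are all hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network

# Hypothetical policy for one break-glass account; every value is constructed.
POLICY = {
    "approved_networks": [ip_network("10.20.0.0/24")],  # admin network (assumed)
    "approved_origins": {"jump01", "jump02"},           # hosts allowed to initiate access
    "approved_targets": {"db-prod-01", "web-prod-02"},  # systems this account may reach
    "business_hours": (time(8, 0), time(18, 0)),
    "ttl_minutes": {"normal": 60, "restricted": 15},
}

@dataclass
class CheckoutRequest:
    admin: str
    source_ip: str
    origin_host: str
    target: str
    when: datetime

def evaluate_checkout(req, policy=POLICY):
    """Return (decision, ttl_minutes, reasons) for an emergency password checkout."""
    reasons = []
    # Where is the admin logging in from?
    addr = ip_address(req.source_ip)
    if not any(addr in net for net in policy["approved_networks"]):
        reasons.append(f"source {req.source_ip} is outside approved networks")
    # What system is being used to initiate the access, and against which target?
    if req.origin_host not in policy["approved_origins"]:
        reasons.append(f"origin host {req.origin_host} is not approved")
    if req.target not in policy["approved_targets"]:
        reasons.append(f"target {req.target} is not approved for this account")
    if reasons:
        return "deny", 0, reasons
    # What time of day is it? Off-hours access is granted, but on tighter terms.
    start, end = policy["business_hours"]
    if not (start <= req.when.time() < end):
        return ("allow_restricted", policy["ttl_minutes"]["restricted"],
                ["off-hours request: short-lived password, session recorded"])
    return "allow", policy["ttl_minutes"]["normal"], ["all context checks passed"]

if __name__ == "__main__":
    night = CheckoutRequest("alice", "10.20.0.15", "jump01", "db-prod-01",
                            datetime(2015, 12, 8, 2, 15))
    print(evaluate_checkout(night))
```

The reasons list is what belongs in the audit trail: it records why an emergency checkout was denied or tightened, not only that it was.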

Join me in this upcoming webinar with BeyondTrust, where we’ll delve into this idea of applying context to privileged access, even in emergency and incident scenarios.

Register Now | Just-in-time Privileges – Using Context to Determine System Access | December 10, 2015, 10AM PT / 1PM ET

Dave Shackleford, Cybersecurity Expert and Founder of Voodoo Security

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies.
