Privileged accounts provide elevated access and permissions to data, applications, and systems so that users can accomplish various tasks. Today, privileged account protection is more important than ever as threats leveraging privileged accounts, in one form or another grow, at an alarming rate.
In the first half of 2018, we have seen a 102% increase in malware volume compared to the same period last year. And, the likelihood of malware infection rises with the presence of elevated accounts (privilege is needed to successfully install malware), as does the ability for lateral movement within an organization.
After a brief lull, ransomware attacks exploded in the first half of 2018, increasing 229% compared with the same period last year. Some newer variants, such as GrandCrab, leverage server message block exploits to move laterally across unpatched machines and encrypt as much data as possible.
One near-constant when it comes to modern cyber threats, is that attackers are zeroing in on privileged accounts. These powerful accounts enable the ability to successfully infect, infiltrate, and laterally move across an IT environment, while searching, locating, and either encrypting, corrupting, or exfiltrating data. And, the more privileged accounts and privileges in your environment, the larger the attack surface and the number of potential backdoors for cyber attackers.
Unquestionably, many IT organizations are currently inadequately poised to control privilege threats and reduce the threat surface. But, what’s the best path to get from an organization’s current privileged account security posture to where it needs to be?
In my new white paper, Protecting Your Most Dangerous Accounts: Where Are You on the 5-Tier Privileged Access Management Maturity Model? , I dissect five approaches for managing privileged accounts. Read the paper to discover how to progressively improve your privileged account security, including how to:
- Apply the principle of least privilege
- Enforce separation of privileges
- Apply privileged password security best practices
- Ensure accountability and auditability of privileged accounts
Download your free copy today. And, if you’d like to learn more about how BeyondTrust’s privileged password management solutions can help your organization protect its most sensitive accounts, request a customized demo with a BeyondTrust cybersecurity specialist.
Randy Franklin Smith, Microsoft MVP & Windows Security Expert, and CEO at Monterey Technology Group, Inc.
Randy Franklin Smith is an internationally recognized expert on the security and control of Windows and Active Directory security who specializes in Windows and Active Directory security. He performs security reviews for clients ranging from small, privately held firms to Fortune 500 companies, national, and international organizations.
Randy Franklin Smith began his career in information technology in the 1980s developing software for a variety of companies. During the early 1990s, he led a business process re-engineering effort for a multi-national organization and designed several mission critical, object-oriented, client/server systems. As the Internet and Windows NT took off, Randy focused on security and led his employer's information security planning team. In 1997, he formed Monterey Technology Group, Inc. where he serves as President.
Certifications
- Certified Information Systems Auditor (CISA)
- Microsoft Security Most Valuable Professional (MVP)
- Systems Security Certified Professional (SSCP)
Industry Memberships
- Information Systems Security Association (ISSA)
- Information Systems Audit and Control Association (ISACA)
- Center for Internet Security (CIS)