Privileged Account Management: The Time is Now

July 22, 2015

In 2015, we've seen yet another incident of privileged account misuse in the OPM breach that is currently being investigated. Is this Groundhog Day? Why do we keep seeing this problem surface over and over again in major breaches and hacking scenarios? This is really not a new problem at all, but we’ve got to get to the root of what’s going on here. Based on my experience, there are some major systemic issues that lead to privileged account misuse and subsequent attacks or data breaches as a result.

First, IT administrators, developers, and other common privileged users have a need to get work done that may in fact require privileges in many cases. This has been the case for a long time, and we have the classic case of simply over-provisioning those privileges to these types of users, knowing that they’ll need to use them at some point in their day-to-day jobs.

Second, IT admins and developers have often had a bit of a “deity mentality”. In other words, they run this shop, don’t get in their way. Suggesting that these folks need anything LESS than the most elevated privileges would be an insult!

Third, the tracking and monitoring of privileged users and accounts has rarely been a strong suit for security and risk teams in many organizations. One of these issues is simply a result of generic admin and root accounts being used so frequently - all the logs and events are attributed to “root” or “Administrator”, and this is tough to track. Alongside this issue, many admin activities just haven’t been a focal area for security teams until the last few years, so we’re catching up.

Finally, we’ve created service accounts, vendor accounts, partner accounts, and temp accounts for every other possible reason under the sun and left them hanging out all over the place within our environments, and this is starting to come back and bite us in many ways.

Not only are we handing out privileged accounts with reckless abandon, we can’t even possibly hope to keep track of them in many environments large and small. If you look back at some of the biggest hacks and breaches of the past few years, many have involved privileged account hijacking and misuse. It’s time to get a handle on this problem and take it more seriously.

Will privileged user management tools come in a shiny box that blinks in a rack? Maybe, maybe not. Will you be able to boldly attend InfoSec cocktail parties and loudly proclaim that you’ve “solved that APT thing”? Let’s not even go there. This is all about getting control of our environments, minimizing the likelihood of accidental errors and exposure factors linked to privileged accounts, as much as it’s about preventing the bad guys from hijacking and leveraging those same accounts.

There’s plenty of problems we don’t have great options for in InfoSec today. Malware is a pain point that keeps evolving rapidly. 0-day exploits are tough to prepare for. Privileged account management? We got this. We know the root causes, we know how it manifests, we know how to get it under control effectively, and there are great technology solutions that are enterprise-class. Let’s cross one issue off the list, shall we?

Join me in the upcoming webinar with BeyondTrust where we’ll take a look at some breach and hacking examples of privileged account misuse, some of the realities we face in many environments today, and how we can get this problem under control in 2015.

Author/Presenter: Dave Shackleford, SANS Instructor

Want to learn more? Watch the webinar now.
Dave Shackleford, Cybersecurity Expert and Founder of Voodoo Security

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies.
