Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Privileged Passwords: Is Anyone Watching the Watchers?

November 18, 2015

  • Blog
  • Archive
enterprise password management So you give someone privileged password access to all of Active Directory, or an Exchange server, or a SQL Server. Do you have any idea what they do when they log onto a server? Are they doing the job they’re supposed to, or are they focusing on something more malicious? A recent survey by the Information Security community on LinkedIn found that 59% of organizations see privileged users as posing the greatest insider threat, with 62% believing insider attacks are far more difficult to detect and prevent than external attacks. And they’re right. You’ve handed the keys to some or all of the kingdom and, without standing over their shoulder as they work, you have little insight as to whether or not that SQL server admin exported a copy of the database containing credit cards and emailed it to himself via gmail while doing some routine database maintenance. If you’re serious about protecting the organization (and you know you are), IT can no longer use trust as a security strategy. You already have some constraints around who has access to privileged passwords; it’s time to find appropriate levels of control and management around what someone does with the access. There are a few aspects of this kind of watching that you need to consider:
  • The Where – an account with local access rights on multiple Windows servers can log onto more than just the one server you intended. Do you want to limit access to a small number of servers or devices?
  • The How – Sticking with the Windows example, do you want someone to be able to only log on when physically present at the server? Via MSTSC (or PuTTY in the case of Unix)? Or only use the credentials to remotely manage parts of a server, such as services?
  • The What – This is the big one; what are they specifically doing while logged on? You should be thinking about whether you want to be able to shadow a session, pause and/or kill it, and even record it for later playback.
With very few exceptions, there is little of the above you’ll be able to accomplish without the help of a third-party tool, but it’s important to recognize that this level of management, accountability, and auditing is possible. Take a look at the risk levels your organization is willing to accept, identify the number of accounts – and users – that have access to your most critical data, applications, and systems and determine if your current security strategy of “here’s the password… don’t do anything I wouldn’t do!” is good enough to keep your organization secure. To learn more on how to manage privileged sessions as part of an overall privileged password management strategy, download chapter 5 of the ebook, “Six Critical Capabilities for Password Management”.

Nick Cavalancia, Founder/Chief, Techvangelism

Nick Cavalancia has over 20 years of enterprise IT experience, 10 years as a tech marketing executive and is an accomplished technology writer, consultant, trainer, speaker, and columnist.

Nick has attained industry certifications including MCNE, MCNI, MCSE and MCT and was once accused at TechEd of "not having enough digits" in his MCP number (which only has 5). He has authored, co-authored and contributed to over a dozen books on Windows, Active Directory, Exchange and other Microsoft technologies and has spoken at many technical conferences on a wide variety of topics.

Previously, Nick has held executive marketing positions at ScriptLogic (acquired by Quest, now DELL Software), SpectorSoft and Netwrix where he was responsible for the global messaging, branding, lead generation and demand generation strategies to market technology solutions to an IT-centric customer base.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

A Zero Trust Approach to Secure Access

Webcasts

Rising CISOs: Ransomware, Cyber Extortion, Cloud Compromise, oh my!

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.