Most organizations trying to reduce the risk of cyber breach focus on the privileged credentials or identities, but that’s only part of the battle when it comes to securing privileged access. Too often, we see companies spend a lot of time, resources, and money to pull their administrative credentials and passwords into a password vault or safe, but then continue to use access pathways such as RDP or VPN that are traditionally challenging to secure and can be leveraged by attackers to compromise a target.
Forgetting to secure access pathways
Improperly secured remote access continues to be called out year after year as a leading attack pathway for cyber criminals. Additionally, the use of weak and/or stolen passwords in cyberattacks also tops the list. You should absolutely be using a password safe or vault to protect and rotate your privileged accounts, but you also need to implement more secure remote access methods for a comprehensive defense in depth strategy. Traditional security measures such as firewalls, active directory rights management, complex password policies and frequent password rotation are proving to be more peripheral in nature, and shouldn’t be the only security measures in place for an organization. When unauthorized users gain access to accounts and credentials, they can bypass these traditional measures and move laterally across an organization’s network. The largest and most recent cyber breaches have been attributed to unauthorized users leveraging privileged credentials for unauthorized access.
Employees and vendors with remote access to systems and privileged credentials are prime targets for cyberattacks.
Despite being aware of these threats, most organizations still allow a myriad of internal and external parties to access their most valuable systems and data. Check out this webinar for more insight into shoring up your security posture, and avoiding the pitfalls of privileged access.
Sam Elliott, SVP, Products, Applications, PPM
At Bomgar, Sam is responsible for the product management group that is driving product strategy for Bomgar’s security products. He has more than a decade of information security, ITSM, and IT operations management experience. He also is a seasoned expert in the areas of cyber-security, data center discovery, systems configuration management, and ITSM. Sam has a Bachelor of Science from Florida State University and is certified in ITIL v3 and Pragmatic Marketing. He resides in Atlanta, GA with his family and can be found on twitter @samelliott.