Does your service desk use accounts that have workstation admin credentials to support users? If so, your service desk staff are “privileged” users. If those credentials are stolen or compromised, they can be used by an attacker to move laterally across your network in mere hours or minutes. Security professionals have often overlooked help desks as privileged users, but more and more are looking to lock down these accounts or take privileges away. But admin credentials are crucial for service desks to be productive.
So what exactly are privileged accounts? They are:
- “Administrator” of the local computer
- “Superuser” used to perform administrative tasks
- Built into every IT application and system
- Typically shared among several people
If these accounts are so crucial, why are they also so problematic? Here are a few reasons:
- They have a lot of power
- They are shared
- They are stored insecurely
- They are anonymous (not managed or audited)
All of the above-mentioned points make privileged accounts the prize for hackers. With cyber breaches showing no sign of slowing down, targeted attacks on corporate IT networks have increased in scale and public visibility. A hacker’s main objective is to bypass perimeter security by stealing legitimate credentials (your privileged credentials), gain access to your machine, and then ultimately move laterally across the network.
Given that privileged accounts are a main target, how can your organization balance productivity and security? Here are a few tips:
- Secure credentials in an enterprise password vault
- Randomize passwords of local administrator accounts
- Rotate passwords after each use for privileged domain accounts
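
The three tips above, modeled as a toy in-memory vault. This is an added example, not Bomgar's or BeyondTrust's product code; the class, method, technician and host names are hypothetical, and a real vault would also encrypt its store and push each rotated password to the host.

```python
import secrets
import string
from datetime import datetime, timezone

ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_=+"

def random_password(length=24):
    """Generate a password from a CSPRNG (secrets), never random.random()."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

class ToyVault:
    """In-memory stand-in for an enterprise password vault (illustration only)."""

    def __init__(self, hosts):
        # Tip 2: every host gets its own random local administrator password.
        self._current = {host: random_password() for host in hosts}
        self._checked_out = {}   # host -> technician holding the credential
        self.audit_log = []      # (timestamp, technician, host, action)

    def _record(self, technician, host, action):
        stamp = datetime.now(timezone.utc).isoformat()
        self.audit_log.append((stamp, technician, host, action))

    def check_out(self, technician, host):
        """Release a credential to one named technician at a time."""
        if host in self._checked_out:
            raise PermissionError(f"{host} credential is already checked out")
        self._checked_out[host] = technician
        self._record(technician, host, "check_out")
        return self._current[host]

    def check_in(self, technician, host):
        """Tip 3: rotate on return, so the released password stops working."""
        if self._checked_out.get(host) != technician:
            raise PermissionError(f"{technician} does not hold {host}")
        del self._checked_out[host]
        self._current[host] = random_password()
        self._record(technician, host, "check_in_rotated")

    def is_valid(self, host, password):
        """Would this password still authenticate on the host?"""
        return secrets.compare_digest(self._current[host].encode(), password.encode())
```

Each check-out is tied to a named technician in the audit log, which addresses the "shared" and "anonymous" problems listed earlier, and a password captured during a support session is useless on other hosts and on the same host after check-in.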
For a closer look into how to protect privileged accounts, and how Bomgar’s solutions can help you secure service desk credentials without affecting productivity, check out this webcast recording.

Bryan Hood, Director of Solutions Engineering
As Director of Solutions Engineering at BeyondTrust, Bryan and his team work closely with both prospects and customers to evaluate their needs for securing access to users and business-critical systems, while still enhancing IT productivity. He consistently speaks about the benefits of securing remote access and privileged access at numerous trade shows and while visiting clients. Prior to joining BeyondTrust, Bryan worked as a Senior System Engineer and Messaging Architect for several large corporations, and also worked as a contractor to the Department of Defense in these roles. With more than 20 years of experience, he helps drive efficiency, productivity, and security by assisting with installation and helping clients maximize their BeyondTrust investment.