We’re in the landscape of a breach is a matter of 'if', not 'when'. However, we still have to place a high amount of trust in employees and vendors in order for our businesses to function. Part of a robust secure access strategy includes controlling access to critical systems as well as the access to privileged accounts – which is a shift from the way many organizations are working to secure their most critical systems. If you're just focusing on accounts, then you're only fighting half the battle against today’s attackers. We’ve talked about this topic for a few weeks now, with this Six Steps to Secure Access blog series.
We’ve shared some details on steps 1 -5; now let’s talk about step 6! The sixth step focuses on what could be a very challenging threat to mitigate; the threat associated with credentials that are hard-coded in an application or a script of some kind. Instead of having to deploy a more nuanced break, breach or crack strategy, threat actors can simply scour the file systems of the machines that such applications have access to and hope to find some script that (maybe) a database admin put out there years ago to back up and move data from one SQL server to another. That script is doing that job with a privileged credential that is exposed in clear text. A threat actor loves that, right? They browse the file system, they open up text files and there you go, a credential that they can use for malicious purposes, and they haven’t had to employ any sophisticated tradecraft to do so.
This step puts a focus on replacing those clear text credentials and leveraging a password vault to provide the credentials to those scripts on demand, as well as a way to rotate them frequently.
With the amount of breaches that occurred last year, and the attacks we’ve already seen in 2018, it’s clear that a robust security strategy is needed for every enterprise. We developed the Six Steps to Secure Access as a framework, which can be done in any order. However, if you’re just starting out, going in order is a great place to start and will make the most sense when it comes to implementing a secure access strategy to secure the privileged access across your organization.
For more insight on this strategy, check out our free on-demand webinar!
Chris Herrin, Senior Product Manager at BeyondTrust
Chris Herrin is the Senior Product Manager for Privileged Remote Access and all third-party integrations for the BeyondTrust portfolio. He has been with BeyondTrust (Bomgar) for the last five years, beginning his career on the Sales Development and Solutions Engineering teams. Chris is an active Georgia Bulldogs fan, and has to mention his corgis in every presentation he is a part of.