Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Securing Access: Fortify App to App Security

February 14, 2018

  • Blog
  • Archive

We’re in the landscape of a breach is a matter of 'if', not 'when'. However, we still have to place a high amount of trust in employees and vendors in order for our businesses to function. Part of a robust secure access strategy includes controlling access to critical systems as well as the access to privileged accounts – which is a shift from the way many organizations are working to secure their most critical systems. If you're just focusing on accounts, then you're only fighting half the battle against today’s attackers. We’ve talked about this topic for a few weeks now, with this Six Steps to Secure Access blog series. 

Infographics

Bomgar Six Steps to Secure Access

We’ve shared some details on steps 1 -5; now let’s talk about step 6! The sixth step focuses on what could be a very challenging threat to mitigate; the threat associated with credentials that are hard-coded in an application or a script of some kind. Instead of having to deploy a more nuanced break, breach or crack strategy, threat actors can simply scour the file systems of the machines that such applications have access to and hope to find some script that (maybe) a database admin put out there years ago to back up and move data from one SQL server to another. That script is doing that job with a privileged credential that is exposed in clear text. A threat actor loves that, right? They browse the file system, they open up text files and there you go, a credential that they can use for malicious purposes, and they haven’t had to employ any sophisticated tradecraft to do so.

This step puts a focus on replacing those clear text credentials and leveraging a password vault to provide the credentials to those scripts on demand, as well as a way to rotate them frequently.

With the amount of breaches that occurred last year, and the attacks we’ve already seen in 2018, it’s clear that a robust security strategy is needed for every enterprise. We developed the Six Steps to Secure Access as a framework, which can be done in any order. However, if you’re just starting out, going in order is a great place to start and will make the most sense when it comes to implementing a secure access strategy to secure the privileged access across your organization.

For more insight on this strategy, check out our free on-demand webinar!

Webcasts

Six Steps to Secure Access for Privileged Insiders and Vendors

Chris Herrin

Product Manager

Chris Herrin is the Product Manager for Privileged Remote Access and all third-party integrations for the BeyondTrust portfolio. He has been with BeyondTrust (Bomgar) for the last five years, beginning his career on the Sales Development and Solutions Engineering teams. Chris is an active Georgia Bulldogs fan, and has to mention his corgis in every presentation he is a part of.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Webcasts | February 09, 2021

Customer Webinar: Remote Support 21.1 Released!

Webcasts | February 24, 2021

Your PAM 2021 Blueprint: Securing Privileged Accounts for On-Premises and Cloud Assets

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.