NEW: Microsoft Vulnerabilities Report 2022 - Read the Findings of Our Annual Report Read Now

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

Why admin accounts are an unnecessary exposure to risk

February 13, 2018

  • Blog
  • Archive

One hundred percent security cannot be guaranteed in the cyber world. No matter how many safeguards you put in place, there will always be some risk. This is based on the simple premise that if you are 100% secure, there is no functionality. As soon as you add functionality, it will decrease the overall security. Therefore the simple analysis to always perform when adding functionality is whether it is worth the overall security exposures.

The problem is that most companies only look at the benefit of a new functionality but never ask the follow-up questions:

  • What is the security risk associated with this functionality?
  • Are there other more secure alternatives?

This gap in performing proper analysis is never more evident than with administrator access. A user or business unit complains that they need administrator access and, without verifying or validating the request, they are given the access without the proper analysis.

If you want to be secure, users cannot be logged in as an administrator. If you are like many companies that I work with, the initial response is that they need or require that access – those are very strong words. A premise that should drive all security decisions is to let data drive decisions, not emotions – do the math.

What benefit do you gain by providing them with administrator access versus the potential increase in exposure or damage to the company by allowing the access? If you do proper analysis, you will find what Avecto discovered: that taking away administrator access can mitigate 80% of all Critical vulnerabilities and 95% of Critical vulnerabilities in browsers.

Author bio:

Dr. Eric Cole is a renowned security expert with over two decades of in-the-trenches experience in IT and network security. He is the author of several books and textbooks, including Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible 2nd Edition, and Insider Threat, and has presented at many major conferences. He also served as a member of the Commission on Cyber Security for the 44th President, Barack Obama, and sits on several executive advisory boards.

"Each chapter in Dr. Cole’s latest book offers real life examples and steps anyone can take to protect their information – like proactively getting a replacement credit card when there’s been a breach, or using phrases to create strong passwords. The kind of personal cyber security that Dr. Cole talks about in his book isn’t rocket science; it’s good, common sense and easy to do."

'Online Danger: How to Protect Yourself and Your Loved ones from the Evil Side of the Internet' can be downloaded here.

@DrEricCole, secure-anchor.com

Photograph of Jonathan Clarke

Jonathan Clarke, Content Marketing Manager

With a Master's Degree in English Language and Media, Jonathan has a genuine passion for producing compelling and thoroughly researched cybersecurity content. Coupled with a B2B agency background, he is adaptable to a wide range of industry topics, and also looks after BeyondTrust's Public Relations and social media channels. A huge animal lover, he is the proud 'father' of Simba, a very hyperactive German Shepherd dog.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Microsoft Vulnerabilities Report 2022

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Privileged Access Management: PAM Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.