Get a Handle on Your Federal Agency Service Account Management!

Tami Gallegos, January 3rd, 2017

I start out every morning at my desk with a nice hot cup of coffee and a tour of the Federal IT news. During this exercise I frequently feel like Bill Murray in Groundhog Day.  It goes something like this, “Government Agency X revealed today that unauthorized access to thousands of sensitive records was obtained by compromising a [insert endpoint or Phishing incident here]”   Then I ask (often out loud), “How can this continue to occur when we have NIST 800-53 as a roadmap to secure environments, mandates like CSIP and CDIP, and billions being invested in government IT.”  Truth be told, government IT is tough.  It is aging, complex and a very desirable target for malicious actors.  The 2016 FISMA report to Congress shows that US-CERT processed 75,087 CFO agency incident reports in FY2015 alone. So in this gigantic challenge, what is one fairly clear step agencies can take to help better secure their environments today?

Service Account Privilege Management

Service accounts are user accounts created to provide a security context for services running on Windows Server operating systems. The security context determines the service’s ability to access local and network resources. These are often connected to mission critical applications, and are accompanied by elevated privileges.  Lose control of those privileges and I think you can see where this has the potential to open an agency up to disastrous consequences. The conundrum: do you risk taking a mission critical application down by changing the password, or do you roll the dice on your other security layers to keep these privileges safe? At BeyondTrust we believe you should do neither. Check out this new tech briefing that explores best practices and practical steps to successful, secure Service Account Management. The reality is, agencies can’t afford to not do this.

One Step You Can Take Today- Begin to Discover

Federal cyber security can be elusive, and privileged access management is a cornerstone to success. One of the biggest challenges in getting control over privileged accounts is finding them. The PowerBroker Privilege Discovery and Report Tool (DART) makes it as easy as possible for you to find and report on privileged accounts. It is a free tool that reveals elevated privileges on Windows, Mac, Linux and Unix systems throughout your environment.  The Discovery and Reporting Tool is a non-intrusive executable that does not require installation and does not affect target system performance. It keeps your privilege data completely private. Take the first step in securing your environment today.

Federal Experience Matters

Here at BeyondTrust we have a seasoned Federal team that understands your needs and challenges. The BeyondInsight IT Risk Management Platform helps agencies secure their environments and fulfill regulatory requirements through its integrated suite of IT security solutions that reduce user-based risk and address security exposures.

As you are revisiting your Federal Cyber security priorities for 2017, and planning for 2018, contact us for a strategy session. We’ve helped hundreds of agencies tackle the challenges of successfully implementing Privileged Access Management and Vulnerability Management.