Many organizations struggle with information security because they try to do too many things and they do not focus on the things that really matter. While defense in depth is important, in these types of reactive organizations quantity – instead of quality – of controls is too often the answer.
Nowhere is the quantity/quality disparity more evident than in an organization’s response to data breaches. Today’s security reality should not be about preventing a breach, but controlling the damage caused by the breach. Compromises are inevitable; thinking that an organization is never going to have a breach is as naïve as thinking that a person will never get sick. The focus needs to be on limiting the frequency and impact which directly ties to controlling the damage.
Therefore, the most appropriate question to ask when building, designing and implementing a plan for information security is, “What would allow an attacker to cause the most damage?” The answer is actually quite simple: Not controlling privileged access to critical information – information that is often housed in tier 1 systems.
Download this white paper and explore the necessary elements of server privilege management – command elevation and delegation, session monitoring and logging, privileged account management, account consolidation and measuring risk to target systems. When used in concert, these capabilities will better secure access to critical systems and data.