Long gone are the days when cyber security was an afterthought in the corporate world. The current age of being always connected, cyber security has become the biggest concern for every business. With hackers coming up with new way to attack systems, businesses are heavily investing in keeping their security measurements uptodate. Fortunately, if taken enough measurement, businesses can keep themselves safe from external threats.
But do you think the external threats are the only threat that has the capability to harm your business? What about another dangerous threat that you have been ignoring till now? Yes, I’m talking about the threat that comes from insiders, from the people you trust blindly, from your employees, partners and even from your customers. Shocking, right? Well, it’s not if you look at the major cyber attack incidents of 2016. As per recent research by Intel Security, 43% of cyber attacks were caused due to internal users.
Now even though insider threats are pretty difficult to detect and remediate, businesses just can’t close their eyes and sit carelessly. Among these insiders, the one specific section this article is about is the users with privileged accounts as they not only have access to sensitive resources but also full control over their systems and thus making it more vulnerable. In short, these privileged users have the key to your kingdom of sensitive user data and business assets. But alas, not many organizations are giving desired consideration to this problem.
One solution here that can ensure security is to track and monitor these users as they can easily disrupt even the most secure infrastructure. In this article I am going to talk about how businesses can plan privileged access control strategy in order to keep themselves secure.
Tip #1: Outsources access control solution:
Now many of the organizations believe that keeping privileged access control is much more convenient, affordable and secure than outsourcing it, they tend to forget the risk associated while third party vendors access their IT systems directly. Did you know as per Ponemon Institute Report, 73% respondents reported increase in the hacking incidents involving third party vendors. Needless to say, extending privileged access control to contractors, service providers, outsourced IT, etc makes much sense. Extending it will ensure you centralized identity management and thus unified view of all the access related activities.
Tip #2: Introduce multi-factor authentication:
Do you know the simplest way for hackers to steal your precious customer data is to utilize the login credentials of your privileged users. Passwords are done and dusted, thanks to poor password habits (Like using easy to remember password, not changing passwords on regular passwords, using same password for all, etc). The most effective way to save yourself is by introducing multi-factor authentication MFA. Multi-factor authentication requires users to pass through multiple security levels in order to get access to sensitive data. These additional levels can be something you know (Password, secret question), something you have (Mobile, smart device) or something you are (voice recognition, fingerprint authentication)
In case of MFA, after submitting the right username and password combination, user needed to prove his identity once more with any of the additional factors mentioned above. Implementation of multi-factor authentication will make it almost impossible for cyber criminals to get access to your sensitive data while make you relieved.
Tip #3: Monitor privileged access activities:
Another thing that organizations need to do, is to execute industry regulations compliances such as PCI DSS (Payment Card Industry Data Security Standard), SOX(Sarbanes-Oxley Act) and other business policies related to data integrity and security. Monitoring such privileged users activities will bring to you more accurate audit visibility and enables forensic research in case of any security related issue.
Tip #4: Use credential vault to manage automation of shared passwords:
Unlike what we believe, the recent survey disclosed some shocking facts about sharing password concept :
- 59% of US ITDMs admitted sharing their access credentials with their employees at least once
- Another 52% respondents accepted sharing their credentials at least somewhat often with their credentials
- The numbers are 34% and 32% for UK respectively.
This is a bad condition. These shared passwords can provide anyone access to privileged accounts and thus anyone can easily receive key to your kingdom. In order to eliminate the risk, IT teams must automate the management of shared passwords and start using credential vault.
Tip #5: Understand your users and your data:
Since privileged accounts are the main door to your organization’s sensitive data, they are the main target of hackers, fraudsters and malicious attacks. Any kind of suspicious activity if noticed around this data is the indicator that an attack is in process. Therefore it is must to sync your security policies along with access management solution so that only the authorized people can get access to your data.
Finally, the key is here to stay updated. Don’t trust blindly. Keep monitoring user activities, keep reevaluation your solution and keep people around you updated.