Page 33 - Security Today, April 2019
P. 33
ACCESS CONTROL
THE FUTURE AND IMPORTANCE OF PRIVILEGED ACCESS MANAGEMENT
You can implement strong controls around your most sensitive assets By Reena Parekh
Every day companies get breached and you hear of the risks associated with privileged accounts. But do companies and organiza- tions also know and understand how costly and challenging it is to manage them?
The number one most important measurable way to protect your company from getting breached is to make sure your privileged and non-privileged accounts are managed properly. Eight out of 10 times, the breach happens on the accounts that al- ready have privileged access to companies’ confidential data or any
type of access to company data.
Privileged access is not only on servers, databases, switches,
routers and firewalls, it exists on all of your employees’ worksta- tions. Privileged access controls have been identified as one of the largest initiatives for organizations to help mitigate risk from advanced attacks. Management of this access not only reduces risk, but has business benefits that keeps organizations safe, op- erational, productive and against the threat of being hacked.
Companies and organizations, no matter what size, must have a strategy not only to manage and monitor privileged access but also detect and respond to threats. Companied need to find a phased approach to better understand their security goals with next-generation Privileged Account Management (PAM) capa- bilities, including privileged elevation and delegation manage- ment and privileged user behavioral analytics.
There are four pillars of PAM that a company should follow, Track and Secure, Govern and Control, Record and Audit and Operationalize.
Track and Secure. Track all of your privileged accounts and secure them in a “vault.” Inventory and onboard all privileged accounts in a next-generation PAM solution.
Govern and Control. Someone or something should have ex- actly the minimum rights required to carry out a specific task— nothing more, nothing less.
Record and Audit. Record all activities on those privileged ac- counts and audit them as often as possible or at a minimum of every 60 days.
Although privileged access has been identified as a top secu- rity control by multiple experts, organizations are still hesitant about moving forward. The reason being, they view the PAM project as being over complex, and/or drain on resources. Some organizations try to implement too much too soon, making it a very complex transition.
It is always recommended to take a phased approach; start slow, and begin any PAM project with a clear focus and a pre- determined list of objectives. No one part of your security stack will fully protect your organization from endless types of cyberat- tacks. However, by prioritizing privileged access, you can imple- ment strong controls around your most sensitive assets.
There are various solutions available for PAM securing the most critical layers of organizations’ infrastructure, data and as- sets; on-prem, cloud, and DevOps environments. By implement- ing a PAM solution, you will be protecting your organization against external hackers as well as insider threats. So, if your organization has not already started on a phased approach to implement a Privileged Account Management solution, now is the time to start.
Reena Parekh is a freelance writer based in Hillsborough, NJ. WWW.SECURITYTODAY.COM NS3
Operationalize. Gradually increase level of control and auditing.
santoelia/Shutterstock.com