Hackers, and others who want to do an organization harm by accessing its digital assets, will do just about anything to get their hands on a privileged account. After all, a privileged account is a gateway to the organization’s most valuable assets, and even its entire IT infrastructure.
When privileged access falls into the wrong hands, the damage that can be done is breathtaking: taking control of the IT infrastructure, disabling security controls, stealing intellectual property, committing fraud. The consequences of misusing or abusing access can’t get much more dire than when a privileged account is involved.
If you’re responsible for securing access to privileged accounts, you must do everything you can to keep the wrong people from finding a way in. Privileged access management, or PAM, is indispensable in this effort. PAM solutions make it possible to lock away privileged credentials in a password vault, secure privileged user sessions, detect suspicious privileged activity and much more. Once you have a powerful PAM solution in place, adding multi-factor authentication (MFA) can further reinforce your defenses.
Here’s what you can do to maximize protection of privileged accounts by combining PAM and multi-factor authentication.
1. Lock It Up: Add Multi-Factor Authentication to PAM
Privileged-access password vaults and management tools sometimes rely on usernames and passwords for administrative access. Given the criticality of what these resources are protecting, it’s important to uplevel that security with another layer of authentication. Multi-factor authentication, which asks for additional proof that those requesting access are who (Read more...)
*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Tim Norris. Read the original post at: http://www.rsa.com/en-us/blog/2018-06/maximum-privileged-account-protection-with-mfa.html