It’s a dark and stormy night. Suddenly your system locks up. Then you get a message, demanding online payment to release your sensitive data back to you. Unfortunately, this isn’t a Halloween prank. Ransomware is on the rise and organizations of all types are falling victim.
Your risk of cyber-attack exponentially increases if you’ve made any of the mistakes below. The good news is that all these missteps can be reversed with an active Privileged Account Management program.
Here are the 5 Spooky Privilege Security Mistakes that Will Haunt Your Organization
1. Provisioning Workstations for Employees with Local Administrative Privileges Intact
We learned in our 2018 Black Hat survey that 32% of hackers use endpoint vulnerabilities as their fastest way to get onto a network and access privileged accounts. When hackers get their hands on local admin privileges they masquerade as trusted users and circulate in your environment undetected.
Even if local accounts have not been granted elevated privileges in the domain or the operating system, if they can manipulate the configuration of an application or access information the application provides, they are a vulnerability.
Applying a Least Privilege policy is an essential, foundational element of an endpoint security strategy. By removing local administrative privileges on employee workstations you can reduce your attack surface and block the primary attack vector.
2. Removing Local Admin Privileges, But Neglecting Application Control
Picture an angry mob with pitchforks heading your way. It’s not trick-or-treaters. It’s your Help Desk support team.
Organizations have learned the hard way that what works for security doesn’t always work for business productivity. Many Least Privilege programs fail because removing local administrative rights can have negative consequences for users and IT teams.
Many processes that users run every day require administrative rights, including installing printers, updating software, and changing system preferences. If users are required to request exceptions from IT every time they want to run a required process or install a needed application, productivity stops. Tickets flood the desktop support queue and IT expenses increase.
Application control allows Least Privilege to be successful because users are able to continue using applications they need with no downtime or loss of productivity.
3. Forgetting to Remove Privileges After Someone Leaves Your Company
89% of employees keep their login and password information after they leave, and 45% retain access to sensitive or very sensitive information with old credentials, says Osterman Research. Who has left your company lately? Did a trusted domain admin go to a competitor? How about a disgruntled employee?
Privileged Account Management tools give you the ability to easily deprovision privileged accounts when employees leave or change roles.
4. Letting Third Parties Access Sensitive Information Without Proper Controls
Your business partners, consultants and contractors need to access confidential information and systems to get their work done. But that doesn’t mean you should hand them the keys and then walk away. With Role Based Access Control you can provide them access only to the information they require and no more. Especially in the early stages of working with third parties, or for those partners who are accessing your most sensitive information, monitoring and recording their sessions will give you peace of mind.
5. Leaving Hardcoded Passwords in Code During Your Software Development Process
Many DevOps activities involve the use of a hardcoded key or credential somewhere in an application’s environment, code or configuration file. Hardcoded passwords of any type are a vulnerability that opens a backdoor into sensitive systems. PAM capabilities that support the DevOps workflow and velocity requirements provide unique accounts and credentials to containers and services so there’s no need to hardcode credentials, share credentials or use insecure repositories where secrets can be hijacked and exploited.
“It’s Coming From Inside the House!”
If you’ve made any of these mistakes, you may already have let in the bad guys. Your first step is to find out what you don’t know.
This Halloween, in-between handing out candy, run a free Privileged Account Discovery to get a comprehensive view of all your Windows privileged accounts, assess the security of your privileged passwords, and highlight potential risks.
*** This is a Security Bloggers Network syndicated blog from Thycotic authored by Dan Ritch. Read the original post at: http://feedproxy.google.com/~r/Thycotic/~3/vMvi5cJ2jHw/