Current trends in network computing that favor virtualization and cloud computing — combined with the financial imperative to outsource services and consolidate data center resources — have made security around privileged access accounts a vital concern.
Several recent high-profile incidents stress this growing concern. Both Wikileaks and the global surveillance disclosures prompted by Edward Snowden’s release of NSA documents illustrate the difficulties of protecting state and corporate assets in the age of privileged access.
Understanding the Threat
Conventional wisdom around network security stresses keeping external threats out. While viruses and web-based attacks are still a concern, businesses that allocate the bulk of their resources to protecting against outside hackers leave themselves vulnerable to threats from within. In fact, data collected in February 2012 by IBM and the Ponemon Institute found negligent insiders to be the greatest source of risk to sensitive data, representing 43% of all breaches. By contrast, web-based attacks and malware accounted for only 16% and 13%, respectively.
Best Practices to Follow
- Manage passwords: Privileged password management is the first step to controlling access to sensitive resources. Countless passwords may be in place to protect devices and applications across a large or distributed network — start by consolidating these wherever possible and storing them in a secure, encrypted location. Maintaining a network-wide list of privileged passwords will also help identify vulnerabilities and make it easier to implement across-the-board policy changes.
- Train employees: Investing in your team can stop privileged access problems before they start. For every act of intentional negligence leading to a breach, there are nearly four times as many accidental security issues, ranging from forgetting to log off a shared workstation to writing down passwords on paper. Make sure all team members are properly trained on how to use shared resources and kept up to date on company policies.
- Implement the principle of least privilege for all users: Make sure individual users have access only to the tools they need to do their job. Developing an easy way for administrators to manage access levels and add and remove users as necessary promotes overall system stability and security.
- Create an incident response workflow: Having procedures in place to respond to intentional and unintentional insider negligence is essential to minimizing damages due to internal breaches. SIEM logging applications can provide fast alert generation and incident reporting when violations do occur.
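As an added example (not part of the original article), the least-privilege review described above can be run as a periodic comparison of the privileges each account is granted against the privileges it actually exercised. The account names, privilege names, log records and the 90-day review window are constructed assumptions.

```python
from datetime import date, timedelta

# Constructed inventory: privileges granted to each account.
GRANTS = {
    "alice": {"db-admin", "backup-operator"},
    "bob": {"db-admin", "hypervisor-root", "firewall-admin"},
    "carol": {"firewall-admin"},
}

# Constructed access-log records: (day, account, privilege exercised).
ACCESS_LOG = [
    (date(2024, 5, 2), "alice", "db-admin"),
    (date(2024, 5, 20), "alice", "backup-operator"),
    (date(2024, 5, 21), "bob", "db-admin"),
    (date(2024, 1, 10), "bob", "firewall-admin"),    # older than the window
    (date(2024, 5, 22), "dave", "hypervisor-root"),  # account not in inventory
]

REVIEW_DATE = date(2024, 6, 1)  # constructed "today" so results are repeatable


def review_entitlements(grants, log, today, window_days=90):
    """Compare granted privileges with those exercised inside the window."""
    cutoff = today - timedelta(days=window_days)
    used = {}
    for day, account, privilege in log:
        if day >= cutoff:
            used.setdefault(account, set()).add(privilege)

    findings = {"unused_grants": {}, "inactive_accounts": [], "ungranted_use": []}
    for account, granted in sorted(grants.items()):
        exercised = used.get(account, set())
        if not exercised:
            # No privileged activity at all: candidate for removal.
            findings["inactive_accounts"].append(account)
        elif granted - exercised:
            # Active account holding privileges it never used: trim them.
            findings["unused_grants"][account] = sorted(granted - exercised)
    for account, exercised in sorted(used.items()):
        # Privileged use with no matching grant on record: investigate.
        for privilege in sorted(exercised - grants.get(account, set())):
            findings["ungranted_use"].append((account, privilege))
    return findings


if __name__ == "__main__":
    for kind, items in review_entitlements(GRANTS, ACCESS_LOG, REVIEW_DATE).items():
        print(kind, items)
```

The `ungranted_use` findings are the ones worth forwarding to the incident response workflow, since they show privileged activity that the inventory cannot account for.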
Because privileged access accounts have recently become a part of the conversation around network security, many businesses and service providers are struggling to define the best practices for mitigating risk. While a full review of the appropriate security measures is beyond the scope of this article, these tips are important starting points.