Privileged Account Management
Most companies fear the cost of data breaches more than anything, while others fear the embarassing negative publicity wich can have even great negative impact on their organization when misuse of privilege makes the national news.
Writing blogs at 2am sometimes, has me asking myself dumb questions like “should I use a mathematics or a magician’s metaphor to kick off todays blog?” Answering myself sometimes generates inspiration and sometimes just means the lazy way out, like today when I chose both.
We have showed that the insider threat is significant in this blog for the last 2 years and have even pointed out recently that it made the Wall St Journal among other well respected publications. But, when President Obama aims to stop WikiLeaks-style disclosures, then least privilege has really come of age.
Remember the premise of Terminator and about another 100 or so Hollywood movies that have computers taking over the world? The first step in this conquest is always that we rely heavily on machines being connected to the worldwide web to make our life easier. This becomes problematic when said equipment is managing critical infrastructure like say electricity, water, communications, etc. Wait isn’t that what we’ve now done?
Within the complex world of IT infrastructure exists a vitally important group of people: those charged with administering a company’s most critical assets and protecting its most sensitive data. They are known as privileged users, and by definition they possess a collection of access rights reserved only for those a company has entrusted with significant responsibility in safeguarding not just data, but also brand reputation, customer trust, and sustained revenue.
Okay, so I am a bit biased since I am one of the co-authors of this book published by Apress Media, but in the spirit of full disclosure this is an independent industry view on mitigating insider threats across physical, virtual and cloud infrastructure and doesn’t even mention BeyondTrust.
Indeed, people are known to behave differently inside and outside of the office, where the culture is different. Lines between professional and home life become blurred, and people take the suit off at home, log in in their shorts, but that doesn’t mean they should take their corporate hat off, as well. But what is the answer? Eliminating administrator rights without allowing for the elevation of certain job-necessary privileges is not the answer. Locking down a system is like asking everyone to raise his or her hand to go to the bathroom, – it shows the downside of mistrusting human nature.
Anybody remember the classic works from their college reading curriculum? Specifically today’s blog will reference an epic poem considered by many to be one of the greatest in world literature: Dante Alighieri’s “Divine Comedy”. Now you might be asking what does Dante’s nine circles of hell have to do with least privilege and why should…
If an ounce of prevention is worth a pound of cure then an ounce of least privilege is worth a pound of compliance for your extended enterprise.
One of the most important facets regarding security is escalating data to the proper individuals in a timely manner. This is generally done using reports or some form of email alerts. In the context of reports, securing and proper distribution of the contents is just as important as the data contained within. In other words,…