BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Privileged Accounts are Pervasive and Problematic

Post by Peter McCalister December 13, 2010

If someone is walking around your organization with t-shirt that says “Bow before me, for I am root.,” then you will have a big problem on your hands when the auditors come around or if a hacker decides to target your company for theft or cyber sabotage.

How pervasive are privileged accounts in your organization?  Just start with anentitlements audit.  Request your Information Technology department, or outsourced provider, generate a report of every user’s access status (i.e. entitlement credentials) across servers, desktops, network devices, virtual servers and cloud applications.  Once you have this, just add up how many times you see “root, ” “superuser,” “administrator,” “su,” “suid” or any other credential with superuser/administrator-level privileges.  If your organization is like most others, you will discover there is at least one account which is shared across IT admins for each server and network device. You may also discover there is one admin to 5-10 servers with this level of privilege.  If you use MS Windows in the standard configuration, then every desktop user will also have administrator level access to their desktop or laptop computer. Now that’s pervasive!

How problematic are privileged accounts in your organization?  Just ask any hacker what their number one target is for any attempt at infiltration. The answer will come back as “harvesting admin credentials for direct access to the resource desired.”  Check out this story in Forbes for one example of what happened at the University of Central Missouri, or this story in the Wall Street Journal to see what happened at Goldman Sachs.

How do you protect privileged accounts in your organization?  The short answer is to eliminate all admin rights across servers, desktops, networks devices, virtual servers and cloud environments.  You can do this by implementing a privileged identity management solution.  Check out this white paper to learn how.

Leave a Reply

Additional articles

BI-Qualys-Connector-IMG1

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree. Of course,…

Post by Morey Haber April 18, 2014
Tags:
, , , , , , , ,
insider-threat-fed

Mitigating Inside Threats to U.S. Federal IT Environments

Recent high-profile cases have increased the perceived risks that go along with disclosure and usage of confidential information. One of the most difficult security threats to mitigate is an attack from the inside. When an over-privileged user, such as an unhappy current or former employee, contractor, or consultant, begins navigating your network, how will you…

Post by BeyondTrust Software April 17, 2014
Tags:
, , , , ,

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,