Organisation Cyber Security
Editor’s note: The following article is written by Ang Chye Hin, Dell Security regional sales director for South Asia. Mr Ang talks about protecting your company and organisation from becoming a victim of cybercrime.
Poorly managed privileged credentials represent a huge compliance and security risk, leaving organizations just as vulnerable as a hole in a firewall. The more people with such credentials and the more systems they can access, the greater the threat.
According to a global security survey commissioned by Dell and conducted by independent technology market research specialist Vanson Bourne, 73% of organizations have experienced a security breach in the last 12 months. Clearly, these trends are unsustainable, yet most companies attempting to improve their data security profile focus solely on external threats and ignore the proliferation of internal ones, especially privileged users and accounts.
Eliminating this threat, however, doesn’t have to be particularly difficult or expensive. Organizations can take steps to mitigate the security risks associated with privileged accounts and users.
First, it’s important for IT administrators to take inventory of privileged users and accounts. It’s impossible to mitigate the risks of privileged accounts if an organization doesn’t know how many it has or who needs access to them. Privileged accounts exist for almost every device and application within the organization. Creating a list of where these accounts are and who or what systems access them can help an organization identify where it is most vulnerable to internal security breaches.
Additionally, organizations should enforce strict change management processes for privileged passwords. Most organizations do a better job at this for regular users than for privileged accounts, but enforcing strong passwords and changing them regularly is even more important for privileged accounts. Privileged passwords should also be stored securely. When an inventory of all accounts and passwords is created, the inventory itself is immediately at risk of being compromised.
Whenever possible, organizations should ensure individual accountability and the lowest level of privileged access. Many of the compliance regulations in the industry today require that organizations know exactly who has access to what and when they have it. In addition, it’s necessary to provide only the level of access a user needs in order to perform the task at hand—the lower the level the better.
Most importantly, organizations need to audit and report on privileged access on a regular basis. Simply controlling what privileged users are allowed to do is not enough; it is also necessary to audit what they are doing. Regular reporting helps to identify when privileged passwords are changed and which users have used potentially harmful commands. Continual auditing and reporting is mandatory for understanding the state of security for privileged access and identifying areas that require improvement.
While there is no simple silver bullet for securing an organization’s resources, combining each of these practices can dramatically reduce the risks associated with privileged access while providing a better understanding of where any security gaps may be.