Why privileged accounts are more at risk than ever

Many of us are working from home in the aftermath of the pandemic, including privileged users. For organizations, it's more complicated than ever before to verify that employees are who they say they are when they log in to workplace applications. Previously, we could see who was in the office and who wasn't. Now we only see that someone is active thanks to a Teams or Slack icon. Who's to say that this user is authentic? With their unfiltered access privileges, privileged accounts are a holy grail for cybercriminals. In fact, Forrester estimates that 80% of enterprise data breaches occur because of hacked privileged accounts. Unfortunately, privileged account passwords are often easy to guess, making it straightforward for a cybercriminal to break in. Moreover, LinkedIn has made it easy for cybercriminals to gain a lot of information about companies they want to hack. With some light sleuthing, a hacker can discover I.T. administrators' names, their email addresses, and possibly even one of their old passwords on the dark web. Then there's the insider threat: the risk that employees might intentionally steal data, which typically occurs when an employee is about to change jobs or has left a company on bad terms. To defend against these risks, companies should turn to privileged account management (PAM). PAM is a way to evaluate, manage and audit privileged user accounts. However, not all PAM solutions are created equal. If your strategy is paper-dependent and manual, you will likely struggle to stay on top of auditing.
4 steps to better PAM

When implemented correctly, PAM is a great way to improve your business's cybersecurity. Here are three steps for more effective PAM:
1. Create an inventory of your privileged accounts

A good PAM strategy starts with a detailed inventory of your privileged users: who they are, what privileges they have and how they use corporate resources. You should create a living document with this information. This document shouldn't gather dust; it needs to be updated in line with people movements, new hires and leavers. Moreover, if there is an instance where an employee needs elevated access privileges - say, for a project - this should also be logged in the inventory. You should ensure that the employee's access privileges are only escalated to what is necessary, and they should be changed back to normal as soon as the task is complete.
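To make the "living document" idea concrete, here is an added example (not from the original article or any PAM product) of a minimal privileged-account inventory in Python. It records standing privileges per account, logs time-bound elevations with a reason and an expiry, and runs an audit that flags leavers who still hold privileges and elevations that have expired but were never revoked. All account names, roles and privilege strings are constructed placeholders.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone


@dataclass
class Elevation:
    """A temporary privilege grant logged in the inventory."""
    privilege: str
    reason: str
    granted: datetime
    expires: datetime


@dataclass
class PrivilegedAccount:
    user: str
    role: str
    standing_privileges: set
    active: bool = True            # False once the person has left
    elevations: list = field(default_factory=list)


def grant_elevation(acct, privilege, reason, hours, now):
    """Log an elevation that is only valid for a fixed window."""
    acct.elevations.append(
        Elevation(privilege, reason, now, now + timedelta(hours=hours)))


def effective_privileges(acct, now):
    """Standing privileges plus any elevation that is currently in its window."""
    privs = set(acct.standing_privileges)
    for e in acct.elevations:
        if e.granted <= now < e.expires:
            privs.add(e.privilege)
    return privs


def audit(inventory, now):
    """Return (user, finding) pairs for anything that should already have been fixed."""
    findings = []
    for acct in inventory:
        if not acct.active and (acct.standing_privileges or acct.elevations):
            findings.append((acct.user, "leaver still holds privileges"))
        for e in acct.elevations:
            if now >= e.expires:
                findings.append(
                    (acct.user, f"expired elevation '{e.privilege}' not revoked"))
    return findings


def revoke_expired(inventory, now):
    """Drop expired elevations (the 'change back to normal' step); return count removed."""
    removed = 0
    for acct in inventory:
        keep = [e for e in acct.elevations if now < e.expires]
        removed += len(acct.elevations) - len(keep)
        acct.elevations = keep
    return removed


def build_sample_inventory(now):
    """Constructed sample data with placeholder names; not real accounts."""
    alice = PrivilegedAccount("alice", "domain admin", {"ad:admin"})
    bob = PrivilegedAccount("bob", "dba", {"db:admin"})
    carol = PrivilegedAccount("carol", "former sysadmin", {"linux:root"}, active=False)
    # Project-scoped elevation for bob, valid for one working day.
    grant_elevation(bob, "cloud:iam-admin", "migration project", hours=8, now=now)
    return [alice, bob, carol]


def run_demo():
    """Walk the inventory through an elevation window and an audit; returns results."""
    now = datetime(2024, 1, 15, 9, 0, tzinfo=timezone.utc)
    inventory = build_sample_inventory(now)
    bob = inventory[1]
    later = now + timedelta(hours=9)      # one hour past bob's elevation expiry
    results = {
        "bob_during": sorted(effective_privileges(bob, now + timedelta(hours=1))),
        "bob_after": sorted(effective_privileges(bob, later)),
        "findings_before": audit(inventory, later),
        "revoked": revoke_expired(inventory, later),
    }
    results["findings_after"] = audit(inventory, later)
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The audit deliberately reports an expired elevation as a finding rather than silently dropping it: the gap between expiry and revocation is exactly the window the inventory exists to close, and the finding is what the auditor should see. The leaver check is the same idea applied to people movements.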
2. Educate privileged users

You should create detailed, written guidelines that show privileged account holders how they are expected to interact with corporate resources. To make this guidance digestible, we suggest creating a do's and don'ts style guide, including rules such as:
Do set passwords with a mixture of special characters, upper and lower case characters and numbers
Do enable multi-factor authentication
Do not share your password details with other users in any instance