MANAGING YOUR PRIVILEGED ACCESS RISK

Risk comes from all sides, whether it’s determined, malicious “outsiders” or careless or disgruntled “insiders.” Either one can wreak havoc, since anyone who gains possession of privileged accounts and credentials can control organization resources, disable security systems and access vast amounts of sensitive data. Unmanaged privileged access is the common vulnerability whether you’re dealing with outsiders or insiders.

Privileged accounts and credentials — including shared admin accounts like ‘root’ and ‘admin’ — service accounts and application identities can be “all powerful.” Privileged users can perform just about any function and then erase their tracks when they’re done.

If you have taken all the right steps to block system vulnerabilities and protect critical data, the only way for an attacker to gain access is through privileged access.

To manage this risk, prevent the improper use of privileged access and protect your organization’s high value assets, organizations need to:

-Identify and understand the scope of their privileged access risk

-Proactively protect and monitor access to privileged accounts, credentials, and secrets

-Automate privileged access controls

-Isolate critical assets from malware

-Control privileged access to critical assets

-Monitor and manage all privileged access activity at the command levels

-Alert the security operations team to suspicious privileged access activity in real-time


More than: https://www.cyberark.com/solutions/security-risk-management/