If Identity is the New Perimeter, then Privileged Identities are the Perimeter’s Crown Jewels
All identities are of interest to cyber criminals, but privileged identities are an especially high-value target because of their “super-user” access. Without comprehensive privileged account protection, an attacker can find an open door into critical systems and data, allowing them to broaden their foothold in your network. The attacker could then:
- Manipulate or destroy data
- Impersonate authorized users to commit fraud, such as initiating unauthorized payments or redirecting legitimate payments to the wrong bank account
- Steal critical intellectual property
- Sabotage systems
Privileged identities are typically limited to a small number of users. Usually these users are IT administrators or business users responsible for managing a line of business application. However, most companies focus on convenience rather than security when establishing privileged identities, and will often have significantly more privileged identities than necessary to manage the infrastructure. Worse, wide-ranging privileged access is often left in place even when not needed. Ideally, privileged access should be “just enough,” and “just in time.”
The Importance of Deprovisioning Defunct Accounts
All sorts of systems and applications require privileged access to properly perform their function. These privileged identities are not assigned to a specific individual, and often no one in an organization knows how many exist or what function they perform. While traditional user identities may be provisioned and deprovisioned automatically based on reliable HR data, privileged identities are typically managed manually. This significantly increases the risk that privileged identities will remain active when they are no longer required – providing a useful attack vector for unauthorized access.
Some key indications that you need to focus on improving your overall privileged identity management program include:
- You don’t have a comprehensive inventory of all the privileged identities that exist in your infrastructure
- You don’t know the purpose of each privileged identity
- You can’t tell who used those privileged identities and when they used them
- The number of privileged identities exceed more than 3 or 4 per purpose
- You can’t document the last time the password was changed on a privileged account
- Privileged accounts have permanent access to all resources that they only need to access occasionally
More and more organizations see privileged account management as a critical business issue
As the security and compliance environment gets more complex and cyber threats increase, our clients are raising privileged identity management as a critical business initiative.
Because of this trend we have spent a lot of time and effort putting together the best combination of strategic processes and technical expertise to help our clients address PIM issues. Our typical client is a large, highly complex, Microsoft-friendly enterprise that has stringent security and compliance requirements, and PIM is top-of-mind for many of them.
Oxford Computer Group (OCG) creates solutions using Microsoft, and complementary, identity technologies. OCG has implemented over 1000 of these projects all over the world.
If you think we could help you implement a comprehensive privileged identity program we would be happy to have a conversation. Contact us.