How to Reduce User Friction While Securing Privileged Accounts
For many IT and security leaders, the increasing number of cyberattacks on businesses over the last few weeks is a top concern at a time when traditional security measures no longer seem effective. As a result, the people tasked with keeping your data secure have started to look for new ways to protect that data and the business.
A recent Gartner report highlighted some of the key IT security projects that enterprises should undertake, and privileged access management (PAM) was listed as a top priority for organizations since most data breaches started with compromised privileged accounts.
Despite increased investments in cybersecurity, many organizations are still struggling to address the problem. One of the biggest challenges for enterprises in implementing privileged access management (PAM) is that it creates more work for IT administrators, increasing their burden. And when they are tasked with maintaining business continuity, security can sometimes take a back seat to user experience. Some of the key factors that drive these challenges while implementing PAM are:
- Hybrid cloud deployments – When you have an environment that has different roles, systems, and authentication protocols, it can be difficult to manage multiple users and groups, including third-party suppliers and vendors, accessing different parts of the same infrastructure.
- Increased speed and complexity of threats – Sophisticated attacks such as lateral movement, Golden Ticket, pass the hash (PtH) and other credential-based threats are hard to detect.
You need to know when you truly have to step up authentication for privileged users. For instance, if you add too many steps or make a task take longer to accomplish, user resistance increases and admins may simply bypass the security best practices.
Also, not having MFA for service accounts creates a blind spot. The lack of visibility and control over compromised service accounts, which in turn can be used to compromise privileged accounts or the identity store, can open up your organization to cyberattacks.
Due to costs or complex technical integrations, not all users and systems use PAM, which results in multiple authentication systems for users, siloed visibility and control, and eventually, gaps in security posture. Well, how do you ensure security resiliency in hybrid environments while delicately balancing privileged access controls for users with minimal user friction?
Get Visibility Across All Privileged Users & Service Accounts – On-Premise or Cloud!
Privileged users are not just limited to IT and security staff. Executives often have access to highly sensitive data and are regularly granted exceptions to standard security policies. Employees and contractors can be granted higher privileges out of a short-term necessity and later forgotten. Not closing the loop!
Attackers are highly skilled at finding privileged credentials or users in the network and turning them to their advantage. As a result, protecting these accounts and actively responding to any potential compromises, in real time, has become a critical initiative for many CISOs. Simply checking the admin group in Active Directory is likely to miss a great many hidden privileged accounts.
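The point above about hidden privileged accounts, as an added example that is not from the original post or from Preempt: it resolves nested group membership over a constructed directory export to list the accounts a direct look at the admin group would miss. The group names, accounts, dates and the 90-day last-logon threshold used to flag forgotten grants are assumptions made for illustration.

```python
from datetime import date

# Constructed sample export: group -> direct members (accounts or nested groups).
GROUP_MEMBERS = {
    "Domain Admins": ["alice", "Tier0-Operators"],
    "Tier0-Operators": ["bob", "Backup-Admins"],
    "Backup-Admins": ["svc_backup", "carol", "Tier0-Operators"],  # circular nesting
    "Helpdesk": ["dave"],
}
# Constructed account attributes (type and last logon date).
ACCOUNTS = {
    "alice": ("user", date(2020, 4, 20)),
    "bob": ("user", date(2020, 4, 22)),
    "carol": ("contractor", date(2019, 11, 3)),
    "dave": ("user", date(2020, 4, 23)),
    "svc_backup": ("service", date(2020, 4, 23)),
}

def effective_members(group, members=GROUP_MEMBERS):
    """Map every account reachable from `group` to the nesting path that grants it."""
    found, stack, seen = {}, [(group, [group])], set()
    while stack:
        current, path = stack.pop()
        if current in seen:  # circular nesting must not loop forever
            continue
        seen.add(current)
        for member in members.get(current, []):
            if member in members:  # member is itself a group: descend
                stack.append((member, path + [member]))
            else:
                found.setdefault(member, path)
    return found

def privileged_report(root, today, stale_days=90):
    report = []
    for account, path in sorted(effective_members(root).items()):
        kind, last_logon = ACCOUNTS[account]
        report.append({
            "account": account,
            "via": " > ".join(path),
            "hidden": len(path) > 1,       # not a direct member of root
            "service": kind == "service",  # service account holding privilege
            "stale": (today - last_logon).days > stale_days,
        })
    return report

if __name__ == "__main__":
    for row in privileged_report("Domain Admins", date(2020, 4, 24)):
        print(row)
```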
Use Frictionless Conditional Access to Protect Privileged Accounts, Without User Resistance or Workflow Changes
Often, security lapses happen in the absence of restrictive access to critical systems, especially from privileged identities. For organizations expanding rapidly without following an established security framework, enterprise data can be compromised when their IAM/security teams fail to create a robust baseline of all their privileged accounts and limit their access through a risk-based Conditional Access mechanism.
It can be daunting to maintain data integrity when you have so many users, groups, and service accounts accessing critical systems, applications, databases, and cloud services. However, following these best practices can minimize user friction and reduce risks:
- Discover – Identify all your privileged accounts and leverage policy-based Conditional Access architecture to maintain the ‘least privilege’ model
- Detect – Ensure strong, real-time detection in addition to preventative controls
- Monitor – Enable MFA on privileged accounts, while monitoring and creating policy-based service account restrictions in tune with the changing risks
- Analyze – Add real-time analytics of users, including service accounts, to augment PAM
- Automate – Reduce alerting and turn on auto-remediation capabilities to reduce time and costs.
In response to the risks posed by cyber-attacks and breaches, many organizations are investing in additional security controls to proactively manage their privileged accounts. Solutions like Preempt sit in front of your Domain Controllers, analyzing traffic and metadata to automatically discover all of your privileged accounts. A detailed insights page shows all privileged users and information about each of them (who, what, where, etc.) along with important access traits (cloud-enabled, VPN, etc.). With no human effort, your IAM/security teams can always see an up-to-date view of all the privileged accounts and their individual risk scores.
Watch the full webinar to learn more about CISO’s Secrets for Reducing User Friction With Privileged Access Management. In this presentation, Solenis CISO Adrian Giboi explains how he approaches the challenges of privileged access management without the user friction seen in other solutions.
Posted by Narendran Vaideeswaran on April 24, 2020 2:58 PM