
How to ensure control of your privileged accounts with PEDM

by | Jan 7, 2021 | BLOG

It is well known that hackers wreak havoc around the world with advanced cyberattacks targeting a company’s most valuable assets. Another worrying scenario is the existence of malicious people inside a company who disclose confidential information to the public or take actions to cause internal damage. 

Most of these violations are due to the theft, abuse, or misuse of a privileged account. Privileged accounts allow whoever holds them to control company resources, disable security systems, and access large amounts of confidential information. Given this, it is perfectly natural to consider the risks of privileged accounts as one of the greatest security threats a company faces today.

Privileged accounts are a risk to a company’s security strategy and need unique controls in place to protect, monitor, detect, and respond to all privileged account activities.

The first step in managing and controlling the use of your privileged accounts is to identify where those accounts are and then establish usage guidelines through appropriate policies. Below, we show how you can take these steps cooperatively with your team.

Who are the users of your privileged accounts? 

Companies tend to overlook how widely access to privileged accounts is spread. Anonymous, unverified access to these accounts leaves a company open to abuse that can paralyze its operation entirely. It is therefore necessary to map the existing privileged accounts and verify which users have access to them; after all, it is impossible to manage something we do not know about.

Below are the possible types of privileged accounts in your company and the associated risks.


  • Third-party Suppliers – Privileged access is granted to perform a job function, allowing contractors to work on the company’s infrastructure. Once inside, third-party contractors are often unrestricted in elevating their privileges to reach confidential data across the company.
  • Cloud Server Managers – Business processes, such as finances, HR, and purchases, are shifting to cloud applications, exposing corporate assets to high risks due to the broad access granted to cloud administrators.
  • System Administrators – For almost all devices in an IT environment, there is an account with shared and elevated privileges and unrestricted access to your operating systems, networks, servers, and databases.
  • Application and Database Administrators – Application and database administrators have broad access to manage the systems to which they are assigned. This access allows them to also connect to virtually any other database or application found in a company.
  • Business Users – Senior executives and IT staff often have privileged access to business applications that contain sensitive data. In the hands of the wrong person, these credentials provide access to corporate financial data, intellectual property, and other confidential data.
  • Social Networks – Privileged access is granted to manage the company’s internal and external social networks. Employees and contractors have privileged access to write to these social network accounts. Improper use of these credentials can lead to a public account takeover, damaging a company’s brand or an employee’s reputation.
  • Applications – Applications themselves use privileged accounts to communicate with other applications, scripts, databases, web services, and more. These accounts are an often overlooked and significant risk, as in most cases they are hard-coded. A hacker will use these attack points to scale privileged access across the company.

Establishing a policy to align risk management with business goals

Best practices recommend that companies create, implement, and enforce a privileged account security policy to reduce the risk of a serious breach. Effective corporate security and compliance begin with a well-executed business policy. An initial policy approach ensures that exposure to external threats, insider threats, and improper use is reduced and that the organization complies with government and industry regulations.

Implementing the principle of least privilege

The principle of least privilege deals with the idea that any user, program, or process must have only the minimum privileges necessary to perform a role. For example, a user account created to extract records from a database does not need administrator rights, whereas a developer whose primary role is to update legacy code does not need access to financial records.

The principle of least privilege can be applied at all levels of a system. It applies to end users, systems, processes, networks, databases, applications, and all other aspects of an IT environment. 

Below, we list the best practices for implementing the principle of least privilege in your business.


  • Start with an audit – Check all existing accounts, processes, and programs to ensure that they only have the permissions required to do their job.
  • Start all accounts with the least privilege – The default for all new account privileges should be set as low as possible. Add specific higher-level capabilities only as needed to get the job done.
  • Enforce separation of privileges – Separate administrator accounts from standard accounts and top-level system roles from lower accounts.
  • Make individual actions traceable – User IDs, one-time passwords, automatic monitoring, and auditing make it easier to track activity and limit the damage.
  • Be consistent – Regular privilege auditing avoids a situation in which older users, accounts, and processes accumulate privileges over time, regardless of whether they still need them.
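As an added illustration of the audit, separation and consistency practices above (written for this post, not code from the original page): a small Python audit over constructed sudoers and /etc/group samples that lists which accounts hold elevated rights, which of them can run any command, and which elevate without re-authenticating.

```python
import re

# Constructed sample sudoers content (not from the page), in stock sudoers syntax.
SUDOERS = """\
Defaults env_reset
Cmnd_Alias BACKUP = /usr/bin/rsync, /usr/bin/tar
root    ALL=(ALL:ALL) ALL
%admin  ALL=(ALL) ALL
%backup ALL=(root) NOPASSWD: BACKUP
alice   ALL=(ALL) NOPASSWD: ALL
bob     ALL=(postgres) /usr/bin/pg_dump
"""
# Constructed /etc/group lines: name:password:gid:member,member
GROUPS = """\
admin:x:27:carol,dave
backup:x:34:erin
"""
# Matches: user_or_%group  host=(runas) [NOPASSWD:] commands
RULE = re.compile(r"^(\S+)\s+\S+=\((\S*)\)\s*(.*)$")

def parse_groups(text):
    """Map group name -> list of member accounts."""
    groups = {}
    for line in text.splitlines():
        name, _, _, members = line.split(":", 3)
        groups[name] = [m for m in members.split(",") if m]
    return groups

def audit_sudoers(sudoers, groups):
    """Return {account: [findings]}: 'unrestricted' (ALL commands),
    'scoped' (explicit command list) and 'nopasswd' (no re-authentication)."""
    findings = {}
    for line in sudoers.splitlines():
        m = RULE.match(line)
        if not m:  # Defaults, aliases and blank lines carry no grant
            continue
        who, _runas, spec = m.groups()
        accounts = groups.get(who[1:], []) if who.startswith("%") else [who]
        tags = ["nopasswd"] if "NOPASSWD:" in spec else []
        commands = spec.replace("NOPASSWD:", "").strip()
        tags.append("unrestricted" if commands == "ALL" else "scoped")
        for account in accounts:
            findings.setdefault(account, []).extend(tags)
    return findings

def unrestricted_accounts(findings):
    """Accounts able to run ALL commands: first candidates for scoped rules."""
    return sorted(a for a, tags in findings.items() if "unrestricted" in tags)
```

Running the same audit on a schedule is what keeps the "be consistent" practice honest: any account that newly appears in the unrestricted list is a privilege that crept in since the last review.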

Using PEDM (Privilege Elevation and Delegation Management) solutions

Monitoring and managing accounts with privileged access is one of the top requirements of the main information security compliance standards that establish best practices in the area. PAM (Privileged Access Management) tools are great allies in this activity, as they help companies ensure secure access to critical information and reduce security risks by controlling, monitoring, recording, and auditing the activity of privileged users.

PEDM (Privilege Elevation and Delegation Management) is a PAM approach that can be implemented within a company. PEDM is the solution that implements the principle of least privilege. 

A PEDM tool controls the scheduling of privileged accounts and allows elevating and delegating privileged tasks to non-administrator users who require temporary access to target systems. After the privileged tasks are completed, the access rights are revoked.

Below we list the main benefits of PEDM solutions for managing privileged access in your company.


  • They eliminate super-privileged users who can introduce risks to your IT network.
  • They implement a zero local administrator policy. They grant privileges at a granular level, assigning specific rights to perform a specific action.
  • They establish security policies for applications and processes, rather than per user.
  • They facilitate productivity. Non-administrator users can still perform tasks with adapted privileges.
  • They protect assets with workflows combined with user access, use of credentials, and limitation of local rights.
  • They protect critical systems through session control and precise management of applications and processes.
  • They track and monitor activity with full session recording and logs for local devices.
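To make the elevate-then-revoke model described above concrete, here is an added example (written for this post, not senhasegura's code or any vendor API): a simplified broker that delegates a single task to a non-administrator for a limited time, denies anything outside that scope, revokes the grant on completion or expiry, and logs every decision so each action stays traceable.

```python
from dataclasses import dataclass
import fnmatch

@dataclass
class Grant:
    user: str
    command_pattern: str  # shell-style pattern, e.g. "/usr/bin/systemctl restart nginx"
    expires_at: float     # epoch seconds; the grant dies on its own even if nobody revokes it
    revoked: bool = False

class ElevationBroker:
    """Hypothetical PEDM-style broker written for this post (not a vendor API):
    task-scoped, time-bounded elevation with an audit trail for every decision."""

    def __init__(self):
        self.grants = []
        self.audit_log = []  # (time, event, user, detail) tuples

    def request(self, user, command_pattern, now, ttl_seconds):
        """Delegate one privileged task to a non-admin user for a limited time."""
        grant = Grant(user, command_pattern, now + ttl_seconds)
        self.grants.append(grant)
        self.audit_log.append((now, "GRANT", user, command_pattern))
        return grant

    def revoke(self, grant, now, reason="task completed"):
        """Withdraw a grant once the task is done (or for any other reason)."""
        grant.revoked = True
        self.audit_log.append((now, "REVOKE", grant.user, reason))

    def authorize(self, user, command, now):
        """Allow the command only if a live grant covers exactly this task."""
        for g in self.grants:
            if g.user != user or g.revoked:
                continue
            if now >= g.expires_at:
                self.revoke(g, now, "expired")  # lazy expiry, still logged
                continue
            if fnmatch.fnmatch(command, g.command_pattern):
                self.audit_log.append((now, "ALLOW", user, command))
                return True
        self.audit_log.append((now, "DENY", user, command))
        return False
```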

senhasegura, among the best PEDM solutions in the world

Gartner, one of the most respected technology research and consulting institutions in the world, has recently released a new report called Critical Capabilities for PAM, in which PAM technologies and their ability to run and provide the functionalities needed for the cybersecurity universe are assessed. The document, which assesses the three critical pillars of PAM (PASM, PEDM, and Secret Management), has placed senhasegura in the top 3, among the main global companies that offer these resources.

This is an important report to assist leaders in risk and security management to gain more technical knowledge when choosing any of the PEDM providers present in the Magic Quadrant.

Download Gartner’s 2020 Critical Capabilities report here.
