In the current contingency, our prime recommendation is to use Privileged Access Management (PAM) and Endpoint Privilege Management (EPM). Why? COVID-19 has forced us all to be dependent on the Internet.
With measures like social distancing, both economic activity and day-to-day life have changed. In cyberspace, this level of dependency creates vulnerability; and malicious attempts to exploit this unforeseen social change are already rampant.
A report from the Congress Research Service reported an increase in cybercriminals attacks. From selling fake COVID-19 cures online or impersonating intergovernmental healthcare organizations; to embedding malicious software into online resources that track the pandemic.
In many organizations, some (or all) users have full administrative rights. These allow them to run most of the company apps and even some external ones. Because of these rights, they can install any type of software. This, of course, allows the possibility of installing malware on your company’s devices and assets.
Organizations tend to assign local administration rights to many employees across the company. Usually to mitigate productivity losses and ease the burden on IT support. However, doing this puts your company’s confidential data at risk. And this is where Endpoint Privilege Management comes into play.
Privileged Access Management
Privileged Access Managements are cybersecurity strategies and technologies that control access and permissions. These permissions include most accounts, processes, and overall systems in a computing environment.
By defining the level of access controls, PAM allows you to reduce attacks on your organization. This allows mitigating damages derived from external attacks, as well as internal negligence.
Although PAM encompasses many strategies, its main goal is the “least privilege” policy. This restricts access rights for users, accounts, systems, and devices to their minimum. With this, you only allow the necessary routines and authorized activities. This, of course, includes Endpoint Privilege Management.
What is Endpoint Privilege Management?
Endpoints are all the things user-related: computers, apps, and even servers. Endpoint Privilege Management allows you to control what they can and cannot perform from their Endpoint. With EPM, your organization can remove access from local admins with minimal impact.
By turning privileges requests to on-demand, your EPM tool provides users with only the necessary privileges. These privileges will serve to run trusted apps and perform authorized tasks. Endpoint Privilege Management has automated workflow and self-lift features. With them, you can protect and empower high-end end users.
What are the risks of not applying Privileged Management?
If abused, local administration access can compromise security and lead to data loss. This can, in turn, derive into high support costs and poor user experience.
Users with unfiltered local rights have full control of Endpoints, including:
- Install or run unauthorized processes or apps that compromise both networks and computers.
- Install malware that exploits privilege access, intentionally or unintentionally, generating illegal accesses.
- Disable security and key configurations of the entire system, nullifying any defense.
- Make changes to some program’s base file system, altering delicate settings.
- Change the standard settings of the company desktop.
Although local rights are not as powerful as domain rights, it does not mean you can ignore them. Attackers can exploit local rights to access other network controls such as access domains or apps.
How to put in place this solution
Endpoint Privilege Management is vital to the security of a company. Yet historically, it’s perceived as an implementation challenge. It’s true that, without proper implementation, it can lead to a greater volume of requirements for the IT department. Especially when users encounter problems accessing documents or applications they need.
In a Gartner study of 200 security professionals, 61% of them have already implemented an EPM. Another 20% were preparing to put it in place or expressed that it would be a good solution for their company. However, the rest said that, although excessive access by employees was a risk, they did not know where to start.
Balancing access restrictions with user experience is a challenge many fail to solve. For example, Exception handling capabilities are crucial to ensure user productivity. Furthermore, this must be ensured even in the context of a standard user account.
For instance, a popular method of processing apps is to offer a simple application code; the user asks computer support for an authentication code to continue. This provides an extra layer of security as IT can determine if that action represents a risk. So, you can determine if the request you should whitelist the rule for the future.
Endpoint Privilege Management: A BeyondTrust Solution
BeyondTrust, the world leader in Privileged Access Management, recently announced an upgrade. It’s to BeyondTrust Privileged Remote Access, for automation, usability, and reporting issues.
This update affects its Endpoint Privilege Management system, which attacks Endpoint vulnerabilities.
BeyondTrust provides third parties with secure access to critical systems. In other words, the latest version creates securer remote access paths to new IT assets.
Therefore, Apart from a wide-open configuration API, it allows you to reduce manual administration. All of this can also become an increase in the efficiency of your company.
If you want to know more about Endpoint Privilege Management, do not hesitate to contact us. In this time of changes, at GB Advisors we work to offer you the solutions you need to improve the performance of your company. We strive to offer you the IT environment you deserve, in the most efficient way.
