In 2018, the absence of Privileged Access Management (PAM) tactics caused 60% of database attacks in companies, a less impressive number than it seems. Administrator-level accounts are the main target of attackers. They have the power to remove, add, and send data packages across the network. Undoubtedly, privileged access is a direct entrance to the entire infrastructure.
Moreover, risks increase in large companies, mostly because the value of their databases means that threats are also internal.
As in any business, IT teams manage the most sensitive operational resources. Therefore, the employees in charge can easily alter important information.
One of the most prominent cases in 2018 was the data leak at Tesla Inc. A disgruntled employee stole and transferred the company’s secrets to third parties from three computers with administrator permissions, an action that has involved losses of millions of dollars in competitiveness and innovation.
For this reason, it is essential to execute a solid Privileged Access Management strategy. To help you strengthen your accounts, in this article we share the best PAM practices with you.
Most companies have security measures for the processes of regular employees. However, the use of qualified Privileged Access Management is still underestimated. There are many reasons for this: lack of up-to-date information about digital security, poor implementation of protocols, or cutting IT costs.
That is why setting up a security structure for administrators from scratch may seem quite a challenge, although it is simpler than it looks.
We recommend that you start by identifying vulnerabilities. This means recording the weak points of your privileged access in order to avoid current attacks, close leaks and eliminate former employees’ credentials.
According to reports, there are three main vulnerabilities that you must urgently address:
# 1 Access Protocols
Some IT departments work only on basic day-to-day operations. This can trigger problematic dynamics ranging from poor system performance to a failure to implement relevant cybersecurity defenses.
The result can be rudimentary, non-customized access protocols, such as factory configurations, the absence of preventive activities, inadequate monitoring, and out-of-date systems.
# 2 Weak controls
In the absence of automation, human activity can constantly generate vulnerabilities. Leaving total control of systems to employees generates more losses than profits, because you may hire people interested in your data.
For this reason, the lack of AI and automated flows is considered one of the most important gaps that companies must address. Besides, AI does not imply job losses, but rather promotes their optimization.
# 3 Absence of corporate policies
The lack of policies on PAM hampers good practices in managing privileges. This clutters the entrances to the corporate network. In many cases, there is no renewal of credentials or deletion of access.
However, any vulnerability can be fixed. Find out how to do it with these 5 PAM Best Practices.
5 PAM best practices to implement
Once you have identified your main vulnerabilities, you can start implementing a short-, medium- and long-term PAM strategy.
Keep in mind that there are basic actions needed to carry out effective tactics, regardless of whether you choose step-by-step, preventative or point-strengthening approaches.
# 1 Monitor all privileged access accounts
You should monitor the activities of privileged accounts on a daily basis. Also, we recommend you record changes in systems, review the impact on the database and identify risky activities for the company.
With the support of automated tracking, you can track important variables such as access from unknown computers, IP changes, and manipulation of sensitive information.
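The tracking described above can be sketched as a small rule pass over privileged-session events. This is an added example, not code from the original article; the event layout, account names, host allow list and sensitive-verb list are all constructed assumptions.

```python
# Constructed sample events: (timestamp, account, source_host, source_ip, action)
SAMPLE_EVENTS = [
    ("2024-05-01T08:02:11", "dba_admin", "ops-ws-01", "10.0.4.15", "LOGIN"),
    ("2024-05-01T08:05:40", "dba_admin", "ops-ws-01", "10.0.4.15", "SELECT customers"),
    ("2024-05-01T13:47:02", "dba_admin", "ops-ws-01", "10.0.9.77", "LOGIN"),
    ("2024-05-01T23:15:30", "dba_admin", "lab-pc-22", "10.0.9.77", "EXPORT customers"),
    ("2024-05-02T09:00:00", "net_admin", "ops-ws-02", "10.0.4.16", "LOGIN"),
]

# Hypothetical allow list: the computers each privileged account normally uses.
KNOWN_HOSTS = {"dba_admin": {"ops-ws-01"}, "net_admin": {"ops-ws-02"}}

# Hypothetical verbs that count as manipulation of sensitive information.
SENSITIVE_VERBS = {"EXPORT", "DROP", "GRANT", "DELETE"}


def review(events, known_hosts=KNOWN_HOSTS):
    """Return (timestamp, account, reasons) for every event that needs review."""
    last_ip = {}   # account -> source IP of its previous event
    findings = []
    for ts, account, host, ip, action in sorted(events):
        reasons = []
        # Access from a computer the account has never been approved on.
        if host not in known_hosts.get(account, set()):
            reasons.append("unknown_host")
        # Source IP differs from the account's previous event.
        if account in last_ip and last_ip[account] != ip:
            reasons.append("ip_change")
        # First word of the action is a sensitive verb.
        if action.split()[0] in SENSITIVE_VERBS:
            reasons.append("sensitive_action")
        last_ip[account] = ip
        if reasons:
            findings.append((ts, account, reasons))
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_EVENTS):
        print(finding)
```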
# 2 Use OTP
One-time passwords (OTPs) are essential integrations in any PAM strategy. OTPs limit privileged access without interfering with tasks. They can be configured to expire in a certain number of hours, according to the equipment, date or location.
Basically, they help you rotate credentials to prevent abuse.
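A minimal sketch of such a credential, single-use, expiring after a set number of hours and bound to one piece of equipment. This is an added example, not code from the original article or from any PAM product; the class name, method names and in-memory store are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time


class OneTimeCredentialStore:
    """In-memory issuer for single-use, time-boxed privileged credentials (hypothetical)."""

    def __init__(self):
        # account -> (sha256 digest of the OTP, expiry epoch seconds, bound host)
        self._issued = {}

    def issue(self, account, host, ttl_hours, now=None):
        """Create a random OTP for one account on one host; only its hash is stored."""
        now = time.time() if now is None else now
        otp = secrets.token_urlsafe(16)
        digest = hashlib.sha256(otp.encode()).digest()
        self._issued[account] = (digest, now + ttl_hours * 3600, host)
        return otp

    def redeem(self, account, otp, host, now=None):
        """Check expiry, host binding and the password, then burn the credential."""
        now = time.time() if now is None else now
        record = self._issued.get(account)
        if record is None:
            return "rejected: no active credential"
        digest, expires_at, bound_host = record
        if now >= expires_at:
            del self._issued[account]          # expired credentials are purged
            return "rejected: expired"
        if host != bound_host:
            return "rejected: wrong host"
        # Constant-time comparison of the stored and presented digests.
        if not hmac.compare_digest(digest, hashlib.sha256(otp.encode()).digest()):
            return "rejected: bad password"
        del self._issued[account]              # single use: a replay finds nothing
        return "granted"
```

The `now` parameter exists only so the expiry logic can be exercised with fixed times; in normal use it is left out and the system clock is used.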
# 3 Combine PAM and IAM
PAM and IAM technologies are the perfect match. While Privileged Access Management is responsible for controlling credentials and higher-level activities in systems, Identity and Access Management (IAM) can help you verify the identities of individual users.
In other words, you can have full control of the activities in your databases and, at the same time, apply several layers of verification to know the profiles of those who access the most sensitive management levels.
# 4 Elevation of privileges
The secret of a good PAM is caution. For this reason, it is recommended to raise the privileges of devices instead of raising the privileges of people.
It is necessary to limit the administration of certain software to machines or operating systems, as well as to grant partial access to users.
# 5 Reinforce Layer 7 of your systems
Use specialized PAM software. You need a battery of tools for monitoring, access control, behavior analysis, and encryption. When you keep all privileged access activity in one central place, you facilitate the orchestration of cybersecurity tactics and generate a better flow between automated processes.