When it comes to data breaches and other cybercrime, advanced attackers often abuse privileged access credentials to get to an organization’s sensitive data, infrastructure and systems. And with an increased number of companies relying on high volumes of data to run both front- and back-office operations, keeping that sensitive information secure is mission critical.
Privileged access: the keys to the IT kingdom
The term “privileged access” refers to special network access or IT capabilities that surpass those that apply to standard users. A human user, such as an IT administrator, can have privileged access. It can also be granted to a non-human user, like an application. Common examples of privileged access include:
- Domain administrative accounts, which provide administrative access to any workstation or server on a particular network domain.
- Emergency accounts (also known as “firecall” or “break glass” accounts), which allow users to secure systems during an emergency.
- Privileged business users, who are not members of an organization’s IT team but need access to sensitive data and systems (for example, financial or human resources professionals).
The sensitive information available to users with privileged access requires the highest levels of security around these accounts. Privileged access management includes monitoring, securing, and auditing all privileged identities — whether human or non-human — across your enterprise.
As a best practice, your company’s privileged access management strategy should be rooted in the principle of “least privilege,” meaning that users receive only the minimum amount of access they need to do their jobs effectively. This approach reduces the risk of data breaches and cyberattacks by malicious insiders or external operatives, and helps you protect your organization’s most valuable data.
The growing importance of data privacy and security
In recent years, government agencies and well-known corporations have experienced major data breaches in which cybercriminals exploited privileged credentials to plan and execute their attacks. And as a growing number of organizations embrace the cloud, DevOps, automation and other advances in technology, the number of entities that require privileged access to keep their IT enterprises running smoothly has grown as well. The more people or applications to which your enterprise grants privileged access, the higher your risk of a breach — and the more critical it is to employ data security solutions that monitor privileged accounts for suspicious activity.
For example, spear phishing, in which attackers incorporate their victims’ personal information in emails and text messages to commit fraud or identity theft, is one way malicious actors exploit private data obtained via privileged access. Any organization that collects personal information about employees, customers or other individuals can be a target. Fortunately, businesses can protect themselves: privileged access management tactics such as a zero-trust framework can reduce the financial impact of a breach by more than 40%, according to IBM’s 2021 Cost of a Data Breach report.
Educate and protect privileged access users
Given the growing number of cyberattacks that leverage privileged access to organizations’ private data, companies need to be more vigilant than ever about these credentials — especially when a breach has the potential to significantly disrupt business. These and other privileged access management best practices can help companies educate privileged access users and protect their data:
- Educate your privileged access users on current cyber threats and best practices, including using unique strong passphrases for all their accounts.
- Require multi-factor authentication for privileged access accounts, including SaaS, admins and privileged business users.
- Maintain a centrally managed digital vault to hold well-known infrastructure accounts; regularly and automatically rotate passwords after each use.
- Vault any privileged accounts used by third-party applications.
- Conduct “red team/blue team” simulations, where members of your IT department role-play as attackers and attempt to exploit security weaknesses in your systems. In this way, you can identify the weaknesses and address them to guard against real attacks.
In the context of privileged access management and data privacy, the old saying holds true: an ounce of prevention is worth a pound of cure.
Phil Muscato is Market President and Commercial Sales Leader with KeyBank in Rochester.