Privileged Access & the Future of Security Prioritizing privileged access can dramatically reduce the business impact of an attack. Here are five reasons why.
Industry research firm Gartner this month released the first-ever Magic Quadrant for Privileged Access Management (registration required). It is, in our view, a significant milestone for the industry.
Privileged credentials exist everywhere. The adoption of cloud, DevOps, robotic process automation, and the Internet of Things have dramatically expanded the threat landscape. Attackers know this, which is why nearly 100% of all advanced attacks today rely on the exploitation of privileged credentials to reach a target’s most sensitive data, applications and infrastructure.
While there is no silver bullet for achieving bullet-proof cybersecurity, organizations can dramatically reduce the impact of an attack by prioritizing privileged access . These five reasons show why securing privileged access matters more today than ever before:
1. Privileged Access Provides a Pathway to Critical Assets
Attacks that reach the domain controller level can lead to a hostile takeover of network and assets. Attackers are starting to apply this approach to new environments, targeting cloud consoles and orchestration tools to gain control overall all infrastructure. Attackers who gain this level of privileged access can control any server, controller, endpoint or piece of data, anywhere on a network. They can run commands, or download/install anything they want. Regardless of the environment, privileged access management helps secure tier0/critical assets.
2. Humans Are Going to Be Human – Trust is Not a Security Policy
Humans are always the weakest link in the cybersecurity chain. Whether it’s privileged users abusing their level of access, or attackers targeting and stealing privileges from users to masquerade as a privileged insider, having a privileged access management program in place to protect from these abuses is paramount. Privilege is also the control that makes sure that the right people have only the necessary levels of access to sensitive applications and infrastructure to do their jobs, ensures that the activities occurring within an environment aren’t malicious, or if they are, enables security operations teams to take quick action.
3. Privileges Proliferate across Machines and Applications
For systems to work together, they have to access one another. That’s why the number of machines and applications that require privileged access vastly outnumber the number of people. These non-human entities are harder to monitor, keep track of, or even identify. Commercial apps typically require access to various parts of the network, which attackers can exploit. A good privilege strategy accounts for everywhere privileges live and detects anomalous activities as they occur.
4. Privileges at the Endpoint
Every single workstation in an organization contains privilege by default. Built-in admin accounts allow IT to fix issues locally, but creates a massive security gap that attackers target and exploit. Attackers can exploit these risky systems by getting in and then jumping laterally from workstation to workstation until they reach what they are looking for.
A proactive privileged access security program should account for the comprehensive removal of local administrative rights on workstations. Without this step, attackers can easily move laterally into – and around – the network.
5. Achieving Compliance Revolves around Privilege
Putting privileged access at the forefront of an organization’s security and risk management strategy enables the recording and logging of all activities that relate to critical IT infrastructure and/or sensitive information. The ability to monitor and detect suspicious events in an environment is very important. But without a clear focus on what presents the most amount of risk – unmanaged, unmonitored and unprotected privileged access – the business will remain vulnerable.
To download a complimentary copy of the Gartner Magic Quadrant for Privileged Access Management, please click here.
Gartner, Magic Quadrant for Privileged Access Management, Felix Gaehtgens, Dale Gardner, Justin Taylor, Abhyuday Data, Michael Kelley, 3 December 2018.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About the Author:
Adam Bosnian is executive vice president at CyberArk, where he is responsible for managing and expanding global strategic relationships with technology partners. As an early member of the CyberArk management team, Bosnian led the industry to define the market for privileged account security and has played a key role in helping to secure and maintain CyberArk’s leadership in the space.