Intelligent CISO Issue 13 | Page 34

P RE D I C T I V E I NTELLIGEN CE  Privileged identities are separate from user identities. They’re different technologies. Industry analysts write about them in separate reports. Software vendors usually specialise in one or the other. At a fundamental level, the idea of a regular user and a privileged user are different. If user identities are the keys that employees carry to open the front door of the office, privileged identities are the keys used by the security guards to get into every door in the office building. John Hathaway, Regional Vice President – Middle East and India at BeyondTrust any IT asset in an organisation – on premises or in the cloud. In large enterprises there are so many privileged accounts, that organisations often can’t keep track of where all their privileged accounts reside or who can access them. Unfortunately, though, almost every one of these powerful privileged accounts represents an attack vector that can be exploited by an insider threat or an external hacker. And it only takes one breached privileged account to snowball into a disaster. Privileged identities are often overlooked When I describe this situation to people, it’s usually at this point where they tell me they have an Identity and Access Management (IAM) tool to handle the problem. No, actually you don’t, I respond. Here’s why: IAM products deal primarily with user accounts associated with personal logins. Organisations use IAM solutions to provision and de- provision users. However, privileged identities aren’t managed by standard IAM systems. Unlike user identities, privileged identities aren’t typically provisioned. Instead, they appear on the network whenever physical and virtual IT assets get deployed or changed. As a result, it’s necessary to discover and track privileged identities with software that’s separate from conventional IAM. That’s where Privileged Access Management (PAM) comes in. 34 User identities are tied to a particular person. All the things in the IT infrastructure connected to that Almost every one of these powerful privileged accounts represents an attack vector that can be exploited. particular person are traced to his or her digital identity. Privileged identities, on the other hand, are not mapped to a single person. They’re used by many people. And sometimes they’re not even used by people, like the privileged identities created to run service accounts. So, PAM must account for the fact that the people using a privileged identity may be different at any given time. Therefore, it’s essential to have a way to track who has privileged access and control what they are doing with that access. Automating cybersecurity with Privileged Access Management Now, let’s bring this back to the question posed at the start of this article. If it’s inevitable that intruders will get in, how will I protect my organisation after hackers breach our network perimeter? Traditional perimeter security tools can’t cope with advanced cyberattacks or carefully crafted social engineering exploits. Once the intruders penetrate the perimeter, conventional IAM solutions don’t defend the powerful privileged identities that attackers need to accomplish their nefarious plans. But PAM technology does. With a PAM solution you can automatically discover all the privileged accounts throughout your cross-platform network. Just one vulnerable account can open your entire network up to compromise. Issue 13 |