The Seven Deadly Sins of Privileged Account Management

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next The Seven Deadly Sins of Privileged Account Management-8 Next

Losing track of service account passwords and where they are used

Service account passwords are often used by many different applications, like automatic backups and other tools that require network access for day-to-day functionality. Service account credentials have broad access across the network, so need to be changed on a regular basis. Unfortunately, they are used in so many places on a network that they are often purposefully ignored by IT administrators – many admins are afraid that if they change the password, a host of other applications will break, with the potential of causing serious downtime. To effectively protect service accounts, IT admins need a tool that can detect all of the applications dependent on each service account and automatically update credentials without downtime. Instituting a process for service account management can reduce the risk of attack while avoiding service outages due to mismanaged accounts.

The NSA scandal involving Edward Snowden's abuse of account passwords has raised major concerns around the risk posed by privileged insiders. Recently, the notoriously secretive Coca-Cola company suffered a high-profile data breach, which brings into question how often password theft and abuse occur unnoticed. Many organizations are now wondering how they can avoid the same risk from their own IT administrators and contractors who often have unfettered access to the keys to the IT kingdom: privileged IT passwords.

One area that continues to be vulnerable is the unmanaged privileged account. Privileged passwords are created and used by trusted IT administrators to maintain servers, configure services, and install new software or devices. These accounts are a constant risk, both from external hackers and curious or disgruntled insiders.

There are a number of common mistakes that IT administrators make when safeguarding privileged account passwords, but many can be easily avoided. Thycotic Software, a provider of privileged account management solutions for global organizations, has compiled a list of the "deadly sins" of privileged password management and tips for how IT administrators can keep their accounts secure.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.