Privileged Access Security: Protecting from Threats Inside and Outside
by Elizabeth Hulsey •
The adage is true, sometimes the most dangerous threats are from within. In the enterprise, this “insider risk” often takes shape in privileged access. Many organizations don’t want to admit it, but securing privileged access and locking down privileged users’ credentials is key as breaches continue to increase in number and effect across industries.
Typically people think of “privileged” access as anyone who has administrative level access to systems containing sensitive data, like credit card information or social security numbers. People with privileged access range from administrators to help desk technicians, but the definition also encompasses external parties, such as third-party vendors or contractors. In a recent study Bomgar conducted earlier this year, 69% of IT professionals said they definitely or possibly suffered a security breach resulting from vendor access within the past year and only 34% knew the number of log-ins attributed to vendors. Now more than ever, there is a need for organizations to be proactive instead of reactive when it comes to security, moving managing privileged users to the top of the security strategy list.
As October is National Security Awareness Month, it’s a prime time to focus on privileged access management - securing vendors and privileged users. Bomgar’s Privileged Access solution helps companies engender a productive workforce and ensure business continuity while simultaneously protecting credentials from being compromised. Features include:
Access without a VPN: Historically, companies have used VPNs to provide network access to vendors and third-parties, but this practice has some seriously troubling security implications. If a VPN connection is compromised, hackers can remain logged in for days—or months—and move about the network virtually undetected. In addition to eliminating this threat vector, Bomgar’s privileged access solution allows you to give vendors and third-parties granular access to your network (that doesn’t require a VPN) and doesn’t involve connecting directly to your highest-value internal systems, which are often the targets of cyber criminals. This allows vendors to do their job while you still do yours, securely.
Cloud Control: Innovation continues to pull full steam ahead despite the rising number of security breaches, with cloud being one of these innovations. In this environment, Bomgar brings a layer of security to internet-facing cloud resources by closing unnecessary ports. In addition, by enabling cloud-access control, Bomgar’s solution allows multiple authorized users to access and manage infrastructure without compromising security.
Mobile Consoles: The ubiquitous nature of mobile technologies and connected devices also has implications for privileged access security. With Bomgar’s mobile and web consoles, companies can enable privileged access without requiring the installation of software locally. This allows for more efficiency, convenience and overall safety when it comes to protecting sensitive information.
Analysis: Arguably, analyzing an effective privileged access security system is just as important as maintaining one. By performing forensics analysis and providing audit reports across video and text logs – internal and external compliance can be achieved. For example, Bomgar’s solution allows authorized users to monitor and terminate sessions in real-time! This augments control and works towards eliminating insider threats altogether.
Can you think of areas in which your organization’s privileged access security can improve? As the technological landscape continues to change, how can your organization be positioned ahead of the curve? Let us know in the comments below!
Elizabeth Hulsey is the Public Relations Specialist at Bomgar