Securing Accounts: Rotate and randomize privileged credentials
by Chris Herrin|
Security – a word that we’ll continue to hear a lot of, especially when it comes to protecting critical systems and data on company networks. Not only do you have to protect the systems themselves, but also the accounts and access pathways associated with them. Once you’ve secured privileged access, and stored the credentials for the privileged access accounts in an enterprise password vault, let’s take it a step further: rotate and randomize privileged credentials.
The fourth step in Bomgar’s unique Six Steps to Secure Access builds upon the third step of protecting passwords. While you were taking measures to reduce the risk of shared credentials, you were also ensuring that the foundational enterprise password management technology was well deployed in your organization. Following the first two steps that noted securing privileged access for vendors and insiders, [you] security professionals now have more time to focus on a complete credential strategy. Step four is all about ensuring that every local privileged credential is unique in order to stop lateral movement. And even if a password is hacked or compromised, it won’t be useful for long enough because it will be rotated.
We developed these steps after talking to many of our clients and their teams that are responsible for security of their respective organizations. It really became clear that many of them either don't have a secure access strategy at all, or they do have the beginnings of one, but it focuses slowly on the privileged credentials or identities – which often results in a really slow rollout and a challenging adoption time.
What we see is that because of that challenging adoption time, that's where we began to realize that that latter approach of just focusing on credentials is really only half the battle. Check out this free on-demand webinar for more insight on building a successful defense-in-depth strategy for protecting your organization against today’s cyber threats.