Protecting Privileged Credentials: An Essential Step In Cybersecurity

Software company Centrify recently released the results of its Privileged Access Management in the Modern Threatscape survey. Centrify surveyed 1,000 IT decision-makers about cybersecurity in their organizations. The survey found that, of the organizations that had experienced a data breach, 74 percent resulted from privileged access credential abuse.

However, many organizations do not have sufficient Privileged Access Management and privileged credential security. Among those surveyed who experienced a breach, only 48 percent now use a password vault and only 21 percent implemented multi-factor authentication (MFA) for privileged administrative access. In addition, 65 percent share root or privileged access to systems and data at least somewhat often.

Advanced areas of IT are the most unprotected, with many organizations failing to use privileged access controls to protect containers (72 percent); network devices like hubs, switches, and routers (68 percent); Big Data projects (58 percent); and public and private cloud workloads (45 percent). The top five cybersecurity priorities for respondents are protecting cloud data, preventing data leakage, analyzing security incidents, improving security education/awareness, and encrypting data.  

Finally, only 35 percent of organizations in the U.S. use Privileged Access Management to manage their partners' access to privileged credentials and infrastructure, according to the survey. Most respondents want to adhere to cybersecurity best practices, but fail to do so because of budget constraints and lack of executive buy-in. Louis Columbus "74% Of Data Breaches Start With Privileged Credential Abuse" forbes.com (Feb. 26, 2019).

Commentary

According to IBM's 2018 Data Breach Study, an enterprise in the U.S. will lose, on average, nearly eight million dollars recovering from a data breach.

Because weak, stolen, or otherwise compromised privileged credentials cause most data breaches, organizations must take measures to protect these credentials. Password vaults and multi-factor authentication are two easy ways to reduce hackers’ access to your credentials. Create a written cybersecurity policy that prohibits members of your organization from sharing passwords and requires them to use unique, strong passwords for every privileged account.

Organizations must also take steps to prevent internal bad actors from sharing privileged access credentials with cybercriminals. A recent Accenture survey found that 18 percent of healthcare employees would sell confidential data for as little as $500 to $1,000, and 24 percent of employees know a coworker who has sold privileged credentials to someone outside the organization. 

Have all employees who work with sensitive data sign a nondisclosure agreement stating that they will not share or sell sensitive data. Specify that doing so will be grounds for termination as well as legal action, including possible criminal charges.

The Centrify survey found that only 37 percent of organizations can disable privileged access for an employee who leaves the organization within a day. Allowing former employees to continue to have access to their privileged credentials is a major risk area that must be addressed. Work with your IT team to improve your ability to immediately revoke access for employees who quit or are terminated. Have procedures in place to make sure that employees cannot take data with them when they leave. Require employees to turn in their laptops and other organizational devices before exiting the building.

Finally, your opinion is important to us. Please complete the opinion survey:

News

Recycle The Trash, Not Your Passwords

Reusing the same password for multiple accounts invites cybercrime. We examine. Read More

Lessons Learned From The Equifax Data Breach

Recent large data breaches like Equifax, Capital One, and American Medical Collection Agency illustrate the risks of storing confidential and personal information. We examine. Read More

Not All Search Engine Sites Are Safe: The Fallibility Of Blacklisting

Blacklisting helps users avoid malware-infected sites, but there are flaws. We examine. Read More