Gartner released the first-ever Magic Quadrant for Privileged Access Management,1 shining a spotlight on what may be the largest security vulnerability enterprises face today.
Privileged accounts, credentials and secrets are “the keys to the kingdom” and they exist everywhere —on-premises, in the cloud, across DevOps environments and on endpoints. Attackers know this, which is why a majority of the most destructive cyber attacks of this decade exploited privileged access.
According to Gartner, privileged account management is the number one security project CISOs out of the company’s top security projects for 2018.2 If privilege is part of your strategic security priorities, here are seven steps to drive down the risk associated with unprotected privileged access:
- Eliminate Network Takeovers: Attackers that gain access to domain controllers can take over your network and cause long term damage. Privileged credentials associated with these assets should be moved to a centralized and automated PAM system with MFA to protect it.
- Control and Secure Infrastructure Accounts: Privileged credentials in on-premised and cloud infrastructure accounts are some of the riskiest in any organization, from server admin to database instance accounts, these credentials should be vaulted with passwords automatically rotated periodically and after every use.
- Limit Lateral Movement: Lateral movement is critical to advance attacks – this is when attackers study your infrastructure and find its weak spots. To limit attackers’ movement, remove local admin rights on IT Windows workstations to stop credential theft.
- Block the Third Party Backdoor: Attackers attack third-party vendors and supply chain partners as a way to infiltrate target organizations. To minimize risk, it’s important to vault all privileged credentials used by third-party applications and vendors and to rotate credentials frequently.
- Secure SSH keys: SSH keys are gold to attackers, and can be exploited to log in with root access and take over the *NIX (Linux and Unix systems) technology stack. These keys should be vaulted and routinely rotated based on policy. Automating this process to eliminate human error is a best practice.
- Defend DevOps: DevOps secrets are the newest ‘privileged credentials’ and exist in cloud and on-premises. Vault and automatically rotate all public cloud privileged accounts, keys and API keys. Additionally, secure secrets used by CI/CD tools such as Ansible, Jenkins and Docker in a vault, while allowing them to be retrieved on the fly, automatically rotated and managed.
- Secure SaaS Admins and Privileged Business Users: Exploited privileged credentials for SaaS applications could give attackers high-level and stealthy access to sensitive systems. All shared access to these systems should be isolated and require MFA.
To download a complimentary copy of the Gartner Magic Quadrant for Privileged Access Management, please visit CyberArk here.
1 - Gartner, Magic Quadrant for Privileged Access Management, Felix Gaehtgens, Dale Gardner, Justin Taylor, Abhyuday Data, Michael Kelley, 3 December 2018
2 - Gartner, Smarter with Gartner, Gartner Top 10 Security Projects for 2018, June 6, 2018
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
By: CyberArk Software