The new cybersecurity “perimeter”: Securing privileged access
Joseph Carson
Because so many applications and services are now hosted in the cloud, the traditional cybersecurity perimeter no longer exists. Accelerated by the COVID global pandemic, remote access from multiple devices has become the rule rather than the exception across our networks. In our always-on, Internet-connected universe, every user potentially has access to privileged or sensitive information. This means the compromise of a single user’s credentials can all too readily be exploited by cyber criminals to escalate privileges and gain access across your entire network, undetected.
This Definitive Guide to Securing Privileged Access, sponsored by Delinea and authored by John Pinson, a veteran technology journalist, helps to explain the rapidly evolving landscape of privileged access, what you need to understand about its challenges, and how you can meet those challenges with new Privileged Access Management knowledge and solutions.
Conventional approaches to PAM fall short
We start by recognizing that securing critical business applications, cloud assets, and remote workers in the perimeter-less enterprise with conventional PAM tools is no longer enough. Today’s cyber threats are too fast-moving, diverse, and unrelenting. IT security teams need to implement advanced privileged access practices to gain secure control over web-based cloud management platforms and enforce least privilege access.
All users are essentially “privileged” users
Toward that goal, this free eBook makes a key assertion: all users are essentially “privileged” users. But, when it comes to securing access to both non-human and human privileged accounts—your “Keys to the Kingdom”—we recognize not all users are created equal. For example, accessing work email may require a password or multi-factor authentication. Accessing customer information, by comparison, should require a higher level of authorization or security control. That security could be enforced through prior permission from an established, in-house authority based on an explanation for the request, as well as a time limit imposed if/when access is granted.
Risky habits persist
Despite the well-known risks, far too many organizations still rely on traditional methods of identifying and managing privileged accounts. Even in the most sophisticated IT environments, security practices are often characterized by continued adoption of shared passwords across multiple systems, unmonitored sharing of credentials, and the use of default passwords seldomly or never changed.
These practices can easily compromise security because, for most attackers, taking over low-level user accounts is only a first step. Their real goal is to take over privileged accounts so they can escalate their access to applications, data, and key administrative functions.
Personal accounts on end-user devices, for example, are often hacked initially through social engineering techniques. Attacks are then escalated to compromise accounts with higher privileges, often using the same credentials to move laterally to other systems.
Why this guide should top your reading list
The Definitive Guide to Securing Privileged Access lays out a straightforward blueprint for IT security teams along with other cybersecurity stakeholders to plan and execute a strategy for securing privileged access in all its diverse forms and applications.
The eBook explains the essentials for orchestrating your privileged access security strategy
The first couple of chapters give you the basics of privileged access security and how the concept of privilege is changing. Next, the eBook explores the risks associated with privileged access faced by organizations, especially as they move to the cloud. Then, it sketches the blueprint for how to align Privileged Access Management with your overall security priorities. Most importantly, the eBook explains the essentials for orchestrating your privileged access security strategy by detailing the capabilities you need for a successful program.
The eBook concludes with recommended next steps for securing privileged access in hybrid cloud and multi-cloud architectures that serve a diverse group of teams and stakeholders. Finally, it provides several suggestions on what to look for in choosing privileged access software solutions—including crucial value-adds to make your deployment a success.
Key components of a comprehensive approach to managing risk
In the Foreward to the eBook, I outline three key components you need to support a comprehensive approach to managing risk while balancing cybersecurity requirements with user productivity and experience. They bear repeating here as essential to an intelligent, adaptive, and highly usable cybersecurity framework:
Interoperability – A traditional siloed approach to deploying “best of breed” security solutions is no longer acceptable. That doesn’t mean one size fits all, where granular control is sacrificed for the sake of convenience. It does mean evaluating the integration and interoperability of multiple layers of defense.
Automation – Cybersecurity solutions that slow down or impede the user are doomed to remain shelf-ware or be circumvented, rendering them irrelevant. Managing secure access—including authentication, authorization, monitoring, and more—should be as frictionless as possible, with controls guided by automated policies running in the background.
Orchestration – Getting multiple cybersecurity solutions working together like a symphony orchestra requires a conductor to keep everyone moving in sync and harmony. Privileged Access Management software solutions serve as the conductor, enabling the security team to coordinate and fine-tune a multifaceted defense that places a premium on seamless, secure access appropriate to the risk involved.
At Delinea, we are dedicated to providing security software and services that help our customers manage all their users (including IT staff, business employees, and third-party providers), enabling them to gain access to a multitude of apps and services and do their jobs as safely and securely as possible. The key to making this work for everyone is to develop a comprehensive and continuous risk assessment of how data throughout the organization is accessed. You can then apply security controls and policy enforcement with automated management solutions to manage the risk.
Start now by reading the new Definitive Guide to Securing Privileged Access.
Subscribe to Delinea's YouTube Channel