CyberArk, the company securing the heart of the enterprise, has released a maturity model for securing privileged accounts, titled The Three Phases of Securing Privileged Accounts: A Best Practices Guide. This guide will enable organisations to understand how to prevent exploitation of this critical security layer by providing a simple, yet effective, framework for applying the best security strategy for any environment.
Privileged accounts are exploited every day. High-profile cases such as the data leaks by NSA systems administrator Edward Snowden and the recent U.S. tax return crime wave highlight the problem, yet smaller-scale attacks occur daily. The cost of doing nothing to protect these accounts is routinely displayed in the stream of reports detailing compromise after compromise affecting businesses across the globe. Correspondingly, security frameworks such as the Council on Cyber Security Top 20 Critical Security Controls and NIST have always maintained the importance of protecting, managing and monitoring privileged accounts; however, there remains much confusion over how to manage this critical security layer.
“The role of privileged access in headline-grabbing security breaches is undeniable and has pushed the management of these accounts to the top of every CISO’s priority list, yet few understand how to address the problem beyond compliance mandates,” said John Worrall, chief marketing officer, CyberArk. “This guide will serve as a starting point for the many organisations left wondering, ‘What are privileged accounts?’ ‘Where do they exist in my organisation?’ ‘How do I protect them?’ ‘How do I manage these accounts moving forward?’”
In this new paper, CyberArk simplifies the process of identifying, securing and managing these powerful accounts for organisations, detailing key phases of privileged account security, including:
· Defining a Privileged Account: These accounts exist in many forms across an organisation – as employee accounts, hard-coded into applications, in every technology connected to a network and even in industrial control systems – in typical volumes of double or triple the number of employees. Each poses significant security risks if not protected, managed and monitored. Understanding what these accounts are and where they exist is the first step towards closing a critical security gap.
· Best Practice Maturity Model: Each organisation’s environment and needs are different, and determining the most effective approach to secure privileged accounts requires a blend of process changes, policy and technology. The practice of securing privileged accounts should be ongoing, with continuous evaluation to improve security. This maturity model lays out best practices for baseline, medium and highly effective security, addressing the process changes as well as the tools and solutions necessary to continuously protect and monitor privileged accounts.