IT Teams Need More Than Password Managers – Security Boulevard

IT departments need more than a password manager to keep themand a companys datasafe from cyberthreats

All companies today are, to some extent, dependent on technology and the IT teams driving their systems and security in the background. These IT administrators, of course, have privileges to modify system or application configurations, install or remove software, make changes to the operating system, and more. Most companies only use a simple password management app to manage all passwords, including for these privileged admin accounts. Sadly, this is no longer sufficient to protect them from malicious insiders, cybercriminals and hackers.

Before we get into why theyre not sufficient, lets first talk about the typical capabilities of a password management solution. A password manager is a good way to begin securing general accounts such as NetFlix, Amazon, social media accounts, bank accounts, marketing tools such as Google Analytics and other apps. It helps users to consolidate passwords into a centralized vault, manage logins and streamline access to shared general accounts. However, when we look at any high-profile data breachessuch as those that occurred at Target, Marriott and Sonywe see cybercriminals primarily target privileged accounts. These could be local admin accounts, privileged user accounts, domain administrative accounts or service accounts, all of which are usually scattered across the companys internal IT infrastructure.

Apart from using password-based authentication for IT systems, some companies (especially those in finance, high-tech and government) prefer using secure shell (SSH) keys to protect their privileged accounts. Most companies leave these privileged accounts unmanaged or orphaned, and only a handful of privileged accounts are stored in the password management app. According to the 2019 Data Breach Investigations Report by Verizon, privilege abuse is one of the most common threats in data breaches.

This Verizon report offers crucial perspectives on threats that organizations face. It is built on real-world data from 41,686 security incidents and 2,013 data breaches provided by 73 data sources, both public and private entities, spanning 86 countries worldwide. Remember the American whistle-blower Edward Snowden, who breached the National Security Agency (NSA)? He simply used this privileged account management loophole to gain access to one of the worlds most advanced and sophisticated security agencies. Similarly, once cybercriminals get access to a privileged account, they can eventually gain access to all of the organizations sensitive information, deploy remote access tools, steal as much data as possible and even may perform financial fraud.

A password manager can work well for many departments including marketing, finance and human resources. However, your IT teams need a comprehensive privileged account management (PAM) solution to protect your companys IT infrastructure in this era of cyberattacks. Your typical privileged account management solution can:

These important differences between a password manager and a fully-featured PAM solution could be the key to protecting your organizations information. According to leading research firm Gartner, privileged account management is also the number one security priority for chief information security officers (CISOs). Implementing a PAM solution alone may not help you to keep hackers at baythere is always more to be done. However, a PAM solution will provide you with a solid foundation to continue building your defenses against cybercriminals.

Read this article:
IT Teams Need More Than Password Managers - Security Boulevard