If you’ve been following this blog over the last year, you know that we’ve been pouring a lot of effort into R & D to make our privileged identity management solutions more automated at every stage.
We do this to achieve faster and more complete security coverage, with less and less human interaction time. The latest version of our flagship product, Enterprise Random Password Manager, provides virtually total machine-to-machine automation via programmatic access using PowerShell and Web Services.
Staying Ahead of Cyber Attacks
Those who seek to compromise your security are using automation to find resources and access available to them. The only solution is to be even more automated than your attackers by identifying holes in your security and closing them faster than they can be exploited. That’s because as environments get larger, there are simply not enough humans available to handle many privileged identity management scenarios – manually or via scripts.
In the worst case, if you assume that one or more of your machines is owned by an outsider (i.e successful phishing attack) then automation limits how far an attacker can go in your environment, as well as mitigating how long any captured credential can be exploited.
For example, consider the pass-the-hash vulnerability. If each domain administrator and elevated account is changed every 8 to 24 hours without fail, any hash associated with such a credential is limited to less than 24 hours of validity. Is it possible to change every elevated account in your enterprise automatically and unattended? Yes – we do it every day for large enterprise customers all over the world.
Our vision is to walk up to a new environment, install our privileged identity management software on a workstation or server, point the solution at your environment, get a cup of coffee, and come back later to find a complete map of systems, identities and where they are being used.
Remember, just as a cyber attacker can use automation to characterize your environment and spread their access, automation can provide you with the same type of technology – except to secure your environment, and keep it secured. The key is to constantly discovering and remediating flaws such as common credentials and static privileged accounts before attackers can use them for access.