When two corporate IT environments come together, IT administrators come face to face with one of the biggest IT challenges of a successful merger: privileged identity management.
In many of the IT shops I’ve seen, all the systems have the same administrator account name and the same basic password. And, in most of these cases, this password has not been changed since the systems were deployed.
Essentially, the challenge for IT is having a good source of privileged account information that is continuously up to date. And they must combine that information with domain-specific knowledge about where privileged accounts are used. That’s difficult to do manually at scale.
Advanced cyber attacks require automated security solutions that can locate and remediate weaknesses faster than nation-state attackers and criminal hackers can exploit them.
After incursions into Target, Home Depot, JP Morgan, Sony Pictures and others, I’ve been asked if it’s now reached the point where some information is simply too sensitive to entrust to computers. My response is that they’re not asking quite the right question. Instead, when it comes to data security, here are the four hard questions that should be asked.
What does a customer of privileged credential management technology look like? What problems is he trying to solve and why? We thought we’d answer those questions from the perspective of one of our real-world customers. Though real names are concealed, of course, here’s the story of “Steve”, a CISO at “a large North American financial institution”.
Over the last year my company has been working on managing ever larger customer environments including some that require taking our auto-discovery of privileged accounts to the “next level”. Conceptually this means providing a solution that automatically discovers accounts, where they are used, how they are used – and then changing credentials on a regular basis without causing outages. This, in itself, is a much needed capability for most IT shops.
But, as it turns out, even with the very best auto-discovery, the human element represents the core limitation in implementing security. Therefore, our philosophy is that by minimizing the involvement of humans, security is improved because the time to manage systems is minimized.
To gain a better understanding of what IT shops are doing to get a grip on their powerful privileged accounts, we polled attendees of the recent Microsoft TechEd 2013 Conference. We asked – “What has your organization done to try and manage privileged accounts?”
Congratulations to our customer University Medical Center Hamburg-Eppendorf (UKE), who was named a winner of the European Identity & Cloud Awards 2013 for Best Approach on Improving Governance and Mitigating Risks.
If you’ve been following the news over the last 6 months or so, you may have noticed an uptick in articles related to Critical National Infrastructure (CNI) security legislation. You may have also seen more reports of cyber-attacks against a wider variety of targets by entities other than criminal elements seeking financial gain. Why is that?