There are a few steps we can easily take to increase our overall IT security posture. I advocate for paying special attention to privilege management. Here are five reason why.
privileged identity management
We asked Forrester Research for their impressions about the future of cloud security and the particular challenges of managing privileged identities in the cloud.
Each piece of the IAAS puzzle has a Privileged Identity Management element to it that has not changed from its on-premises equivalent deployment.
Can IaaS (Infrastructure as a Service) itself be used to manage some intrinsic privileges, or is a third party Privileged Identity Management (PIM) solution required? And where are there overlaps?
Managing and governing end user access separately from privileged access opens organizations up to unnecessary risk. The silo approach creates security gaps and deprives organizations of a complete view of identity context for access-related decisions.
2015 gave us the Ashley Madison hack, the US Office of Personnel Management (OPM) data breach, and a heightened interest in securing privileged access against cyber attacks and insider threats. We saw this interest reflected in the readership of IdentityWeek in 2015.
The National Cybersecurity Center of Excellence’s (NCCoE) recent cyber security guide Identity and Access Management for Electric Utilities identified a serious security concern within the energy sector, and if people follow the advice in this guide they will be have a better overall IT security posture. There is one area that doesn’t get a full treatment and one glaring omission, though.
Stolen credentials are an ongoing, serious IT security problem. Using tools like key loggers, nation-state attackers and cyber criminals can easily capture user names and passwords.
As with any ambitious endeavor, a successful cyber attack requires careful planning and precise execution. One thing that effective hacks have in common is the ability to remain covert – right up until the moment that the time is right and the attackers strike
2014 brought us the now infamous Sony Pictures and Home Depot hacks, as well as the immediate after affects of last year’s Target breach. Subsequently, 2014 was the year that elevated the privileged identity management security field to top of mind among CIOs and other executives seeking to avoid a similar fate for their organizations.