The goal of any security program is to stop or mitigate a threat. To resolve the administrative credentials security threat, you must regularly change the administrator passwords and then make each password unique.
What’s trending in the cyber security industry? Identity Week sat down recently with Jonathan Sander, VP of Product Strategy at Lieberman Software and veteran cyber security expert, to discuss insider attacks, password security, and lessons learned from major data breaches.
In many of the IT shops I’ve seen, all the systems have the same administrator account name and the same basic password. And, in most of these cases, this password has not been changed since the systems were deployed.
Changing user passwords on a regular basis has long been a basic – and well known – tenet of IT security. But when it comes to password security, privileged passwords (admin, root and such) are often overlooked.
Whenever new computers and applications are deployed on a network, they can introduce unforeseen security risks. Shared and default privileged account passwords are introduced through deployment scripts, ghosted images, default appliance credentials and developer “back doors.”
However, despite the occasional outlandish blunder, most of the IT security mistakes we witness are fairly common and predictable. In our experience, here are the five most frequent information security errors that organizations make:
A destructive data breach can begin with the compromise of just one privileged account. Criminal hackers and malicious insiders can exploit an unsecured privileged account to gain the persistent, administrative access they need to anonymously extract sensitive data over an extended period of time.
Before Edward Snowden there was Terry Childs. The original poster boy for everything that can go wrong when an organization doesn’t lock down and audit access to its powerful privileged passwords – from insiders as well as outsiders.
The concept is that double safekeeping is an effective control mechanism for ensuring the highest levels of security during critical operations. That’s because the process requires two or more authorized personnel to be involved before sensitive resources or information can be accessed.