The security of your entire network is only as good as your least secure server. Relegating the Unix/Linux infrastructure to any lesser status creates the attack surface that hackers are looking to exploit.
There are a few steps we can easily take to increase our overall IT security posture. I advocate for paying special attention to privilege management. Here are five reasons why.
The credentials that control access to privileged accounts are ultimately the main obstacle standing between hackers and your organization’s private data. All too often, however, these credentials are not secured, monitored and audited.
Too often, data breaches exploit shared privileged account passwords used for administrative logins, privileged service accounts, and application-to-application communications. Mandates such as PCI DSS, HIPAA, Sarbanes-Oxley and others require that these powerful passwords be audited and updated regularly to prevent abuse.
Essentially, the challenge for IT is having a good source of privileged account information that is continuously up to date. They must also combine that information with domain-specific knowledge about where privileged accounts are used. That’s difficult to do manually at scale.
A destructive data breach can begin with the compromise of just one privileged account. Criminal hackers and malicious insiders can exploit an unsecured privileged account to gain the persistent, administrative access they need to anonymously extract sensitive data over an extended period of time.
Gartner analyst Avivah Litan’s recent post on the data breach affecting Visa and Mastercard credit card users suggests the hack resulted from a compromised administrative account that was not sufficiently protected.
Organizations are beginning to become more intelligent, however. Enterprises seeking to eliminate the potential for anonymous employee access to sensitive data are extending their Security Information and Event Management (SIEM) platforms through the addition of privileged identity management (PIM) solutions.