3 Ways Privileged User Accounts Act as Your Biggest Security Threat
May 21, 2019

Privileged user accounts are used for some of the most critical parts of a business, such as managing infrastructure and providing access to critical data for day-to-day activities. However, because privileged users have such broad access to your organization, they are also a security threat. According to a report by Centrify, privileged credential abuse is involved in 74% of breaches.

Source: Centrify

What is a Privileged User Account?

Privileged user accounts are those that have unlimited access and permissions to systems, data or endpoints. These accounts can be used to modify data or grant permissions to other accounts. They are often given to people who work with critical data and infrastructure, such as C-level executives or senior managers. Here are three common privileged user accounts most organizations use:

  1. Local admin accounts: These accounts provide administrative access to the local host. They are commonly used to perform maintenance on the network.
  2. Domain admin accounts: These are privileged accounts that have admin access across all workstations and servers within the domain.
  3. Service accounts: These accounts are used to operate specific applications.

Privileged Users Are a Security Weakness

Privileged user accounts can act as a security threat because it is easy for users to abuse their access without getting caught. Here are three reasons why your privileged users are your biggest security weakness.

1. Cyber criminals target privileged users: According to Verizon’s 2019 Data Breach Investigations Report, senior executives are 12 times more likely to be the target of a social engineering attack. Privileged users are targets because cyber criminals can use their accounts to gain a foothold in your network. Once attackers gain access to privileged credentials, they can change permissions for users and move around undetected. They might even try to infect other users by sending malicious links. Since they look like a normal user, their actions may not immediately raise any red flags.

2. Accounts are difficult to manage: Privileged users are hard to manage because as employees change their roles, their permissions and access change as well. It can be difficult for organizations to keep track of the permissions that are required for each role and to make sure that unused accounts are deleted or that permissions are disabled when no longer required.

3. They can act as insider threats: Since privileged accounts have unlimited access, it’s hard to determine if a user is acting maliciously or not. If a privileged user is accessing confidential data, are they doing it because it’s part of their job or because they are trying to leak sensitive information? They may also unintentionally act as an insider threat, such as by giving a user access without determining whether there was a true business need for it.

Securing Your Privileged Users

Since privileged users hold the keys to an organization, it’s important that organizations take necessary precautions to guard these accounts. Here are three things organizations can do to secure their privileged users.

1. Use a Zero Trust model: The foundation of Zero Trust is to “never trust, always verify”. To incorporate Zero Trust into your organization, you need to build it into your security architecture. The strategy should include constant verification of users, devices and their access. User accounts should have multi-factor authentication enabled, and end devices connected to the network should be protected with endpoint security. Privileged access should be limited and given only to those who need it.

2. Implement behavioural analytics: Using an automated detection system like Secure IT SIEM can help monitor user activity and detect potential threats. SIEM allows you to gain visibility into your network by analyzing data from devices and monitoring user behaviour. SIEM can detect indicators of potential insider threats, such as logins at unusual hours or access to unusual data or systems.

3. Understand Your Privileged Accounts: Find out where your privileged accounts exist within your organization. Create an inventory of these accounts. This will help you gain an understanding of your company’s risk exposure. Make sure any privileged accounts that are no longer in use are deleted.
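The behavioural indicators named in point 2 (logins at unusual hours, access to unusual systems) can be expressed as a per-account baseline check. The following is an added example, not part of the original article and not the logic of any particular SIEM product; the account names, hosts, events and the one-hour tolerance are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
# Constructed sample events (account, ISO timestamp, host); not real log data.
BASELINE = [
    ("adm-jsmith", "2019-05-06T09:12:00", "dc01"),
    ("adm-jsmith", "2019-05-07T10:40:00", "dc01"),
    ("adm-jsmith", "2019-05-08T14:05:00", "fs01"),
    ("svc-backup", "2019-05-06T01:00:00", "bk01"),
    ("svc-backup", "2019-05-07T01:00:00", "bk01"),
]
NEW_EVENTS = [
    ("adm-jsmith", "2019-05-10T11:15:00", "dc01"),     # within baseline
    ("adm-jsmith", "2019-05-11T03:22:00", "dc01"),     # unusual hour
    ("adm-jsmith", "2019-05-13T10:05:00", "hr-db01"),  # unusual system
    ("svc-backup", "2019-05-10T01:00:00", "bk01"),     # 01:00 is normal for this account
    ("svc-backup", "2019-05-10T13:45:00", "dc01"),     # unusual hour and system
    ("adm-new", "2019-05-10T09:00:00", "dc01"),        # privileged account never seen before
]

def build_profiles(events):
    """Per-account baseline: hours of day and hosts seen in the learning window."""
    profiles = defaultdict(lambda: {"hours": set(), "hosts": set()})
    for user, ts, host in events:
        p = profiles[user]
        p["hours"].add(datetime.fromisoformat(ts).hour)
        p["hosts"].add(host)
    return dict(profiles)

def hour_is_usual(hour, seen_hours, tolerance=1):
    """True if hour is within `tolerance` hours of a baseline hour, wrapping at midnight."""
    return any(min((hour - h) % 24, (h - hour) % 24) <= tolerance for h in seen_hours)

def detect(events, profiles):
    alerts = []
    for user, ts, host in events:
        p = profiles.get(user)
        if p is None:
            alerts.append((user, ts, host, ["no_baseline"]))
            continue
        reasons = []
        if not hour_is_usual(datetime.fromisoformat(ts).hour, p["hours"]):
            reasons.append("unusual_hour")
        if host not in p["hosts"]:
            reasons.append("unusual_host")
        if reasons:
            alerts.append((user, ts, host, reasons))
    return alerts

ALERTS = detect(NEW_EVENTS, build_profiles(BASELINE))
```

Because the baseline is kept per account, the backup service account logging in at 01:00 raises nothing, while the same hour would be flagged for an administrator who normally works during the day.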
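The inventory described in point 3 can start from an account export that is classified into the three account types listed earlier and checked for accounts that are no longer in use. This is an added example, not part of the original article; the export columns, group-to-type mapping, account names and the 90-day idle threshold are assumptions chosen for illustration.

```python
import csv
import io
from datetime import date

# Constructed account export; column names and values are illustrative assumptions.
EXPORT = """account,groups,is_service,enabled,last_logon
jsmith,Domain Users,no,yes,2019-05-20
adm-jsmith,Domain Admins,no,yes,2019-05-17
adm-oldcontractor,Domain Admins,no,yes,2018-11-02
localadmin@ws042,Administrators,no,yes,2019-01-15
svc-backup,Backup Operators,yes,yes,2019-05-21
svc-legacyapp,Domain Admins,yes,yes,
"""
PRIVILEGED_GROUPS = {"Domain Admins": "domain_admin", "Administrators": "local_admin"}

def classify(row):
    """Map a row onto the article's three account types; empty list if unprivileged."""
    kinds = {PRIVILEGED_GROUPS[g] for g in row["groups"].split(";") if g in PRIVILEGED_GROUPS}
    if row["is_service"] == "yes":
        kinds.add("service")
    return sorted(kinds)

def inventory(export_text, today, stale_days=90):
    """List privileged accounts and mark enabled ones that look unused."""
    report = []
    for row in csv.DictReader(io.StringIO(export_text)):
        kinds = classify(row)
        if not kinds:
            continue
        last = date.fromisoformat(row["last_logon"]) if row["last_logon"] else None
        idle = (today - last).days if last else None
        # An enabled account that has never logged on is treated as unused too.
        stale = row["enabled"] == "yes" and (idle is None or idle > stale_days)
        report.append({"account": row["account"], "types": kinds,
                       "idle_days": idle, "review_for_removal": stale})
    return report

REPORT = inventory(EXPORT, today=date(2019, 5, 21))
```

The output is a review list rather than a deletion list: a service account with no recorded logon may still be in use by an application that authenticates in a way the export does not capture.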
