3 Reasons Why You Need a Privileged Access Risk Assessment

By Eric Noonan • June 4, 2019

A privileged account is one used by administrators to log in to servers, networks, firewalls, databases, applications, cloud services and other systems used by your organization.

These accounts give enhanced permissions that allow the privileged user to access sensitive data or modify key system functions, among other things. You can imagine, then, why they’re such an attractive target to hackers.

By gaining access to a privileged account, a hacker can wreak havoc on your business. For example, they can steal customer data, bring down your website, or shut you out of critical systems. And because the hacker is using legitimate credentials, it’s often difficult to pinpoint where an attack is coming from — if you detect it at all.

3 Reasons to Consider a Privileged Access Risk Assessment

To improve security posture and meet regulatory compliance, consider these three reasons why your business should conduct a detailed privileged access risk assessment:

Reason #1 – A Glaring Security Loophole

With the potential for exposure so high, you’d assume that businesses would be way ahead of this threat. However, many organizations are failing to devote the proper attention to closing the glaring security loophole that is privileged account management.

In many cases, weak passwords are used to protect these highly sensitive accounts. In fact, some use the default password — literally ‘password’ in some cases — and some use none at all. Others use stronger passwords, but share the same account between multiple users, increasing the account’s risk profile.

Even when privileged accounts are assigned to single users and adequately protected, they’re often not revoked when a user no longer needs them. Depending on the size of the organization, it’s estimated that there are up to four times as many privileged accounts as regular user accounts, many of them no longer in use. With every single account presenting hackers with an avenue of attack, this means that organizations are exposing themselves to a staggering amount of unnecessary risk.

Reason #2 – The Consequences of Exposure

A data breach costs the average organization as much as $150m in losses. At least one-third of customers take their business elsewhere when a breach is made public, even if they’re not personally affected. Then there is the cost of legal penalties that can result from failure to comply with security measures around the protection of sensitive data.

Many businesses can’t survive these legal and financial blows and quickly go under. But securing privileged accounts is not as simple as merely changing your passwords.

Reason #3 – The Problem with Privileged Account Security

The first step to securing privileged accounts is to perform a detailed audit. However, with so many of these accounts scattered across networks, servers and other key infrastructure, it can be almost impossible to get a true picture of how many there are, how (and if) they’re being used, and how secure they are.

Traditionally, a privileged account audit was a manual job requiring hundreds and hundreds of IT man-hours, which of course carried a significant financial cost, too. The process was long and complex, and many organizations avoided it because they simply found it too daunting, expensive, or both. Today, that doesn’t have to be the case.

That’s Where CyberSheath Comes In

CyberSheath’s expert team uses advanced technology to perform privileged access risk assessments in a fraction of the time, helping you to:

  • Identify all privileged accounts on-site, in the cloud, and in your dev-ops environments.
  • Locate all privileged credentials, such as passwords, access keys, and SSH keys.
  • Discover weaknesses and highlight accounts that are vulnerable to credential theft.

With our technology and expertise, there’s no reason to shy away from a privileged account security audit — and no excuse to put your business at risk. Contact us today to find out how we can help keep your privileged accounts and your business safe and secure.
