5 Reasons that Show How a PAM System Can Prevent Disaster From a RIF

By Yanni Shainsky • February 2, 2016

There are many reasons to implement a Privileged Account/Identity Management (PAM) system, including audit and IT security standards compliance, risk mitigation, automation of password management, transparency of user activity, etc. Today we’d like to focus on some of the specific reasons why it is important to implement, maintain, and enforce the utilization of a PAM system for a company that is planning for, or foresees a significant Reduction in Force (RIF).

As pundits are predicting a bear market in 2016, IT managers are starting to prepare their contingency plans for dealing with potentially hundreds or thousands of employees, whose employment will need to be terminated abruptly. A PAM solution can help mitigate some of the very real risks associated with terminating an employee, particularly one that has key access to IT systems. Employees may react differently in the face of termination. The most technical employee assets may instantly become the biggest liability. The terminating employee may have full administrative access to hundreds of critical servers and network appliances that comprise the environment, creating tremendous potential risk to the company.

The following 5 reasons demonstrate how a PAM system can prevent disaster resulting from a RIF

1: Instantly Prevent Access

A well-implemented PAM solution will offer the capability to lock out specific employees from access to all servers at the press of a button.

2: Changing All Privileged Passwords Within Minutes

The PAM solution can not only prevent the terminating employee from seeing what the current Administrative Passwords are, it can also be used to initiate a password change on all of the systems that the employee previously had access to.

3: Recording Activities

A PAM solution can record the activities (on video in the case of Windows, or text in case of Unix/Linux). This capability can be invaluable in cases where terminating employees are given a deferred RIF notification (for example a two-week notification). The recording can discourage the employees from stealing company data as they’re leaving, installing dangerous Trojans or rootkits, as well as provide a trail of employee activity.

4: Documenting System Passwords

Often RIFs can be a chaotic undertaking, and without a PAM solution, it can be nearly impossible to guarantee that all critical knowledge, particularly system passwords, have been transferred or documented for the company. It could be difficult to contact a terminated employee, sometimes months after termination, to see if they remember or will release a password for even non-critical systems such as a Twitter account. There have been a couple of notable cases where rogue employees have held company passwords “hostage,” including the infamous case of Terry Childs and the city of San Francisco’s Department of Telecommunications and Information Services (DTIS).

5: Documenting Systems and Access

In addition to a Configuration Management Database (CMDB), a PAM solution can help the company identify systems that a particular employee supports. If the system has been around for a significant amount of time, a report could be run to see which systems the employee has ever interacted with, using privileged accounts.

How Can CyberSheath Help Your Organization?

In summary, it’s critical to implement and enforce a Privileged Access Management solution, long before the employees are notified of a RIF. CyberSheath’s engineers are well versed in fine-tuning the configuration of the Privileged Account Management suite; providing an automated, monitored, and controlled elevated privileged access.  You can learn more about our approach by viewing our Privileged Access Management service area.

CyberSheath Blog

How to Safeguard Your Company from Phishing

Email is so ubiquitous in our everyday lives that it can be a challenge to always be on guard when receiving messages. Each day it’s not unheard of for each member of your team to have hundreds of messages land in their inbox. How do you make sure that none…

3 Tools to Help Defend Your IT Infrastructure from Threats

With the continually evolving threat landscape and the prevalence of team members working from home, it is more important than ever to be proactive with how your company is protecting itself from cyberattacks.  CyberSheath can help. We offer services to build on all the great work you have already done…

DNS Filtering for Additional Protection of IT Systems

Phase one of securing your IT infrastructure should include protecting your endpoints and safeguarding your employees from phishing attempts. After you have implemented these controls, the next logical step is to launch a DNS filtering solution.   What is DNS filtering and why do you need it? Domain name server…

Our Trusted Partners

Tenable Microsoft Siemplify KnowBe4 ConnectWise DUO