Tag: CyberArk

Why Ongoing Management and Analytics Should Be Part of Your PAM Strategy

Privileged access management (PAM) has become an essential part of effective cybersecurity. In its first Magic Quadrant for Privileged Access Management, published on Dec. 3, 2018, Gartner made the necessity for PAM clear: “Security and risk management leaders must use PAM tools in a long-term strategy for comprehensive risk mitigation.” PAM solutions such as CyberArk’s Core Privileged Access Security...

How to Choose the Right Privileged Access Management Solution

Researchers who study large-scale data breaches have concluded that nearly all successful attacks involve privileged account compromise. In the 2017 Yahoo! breach, attackers began by stealing a user’s credentials, then harvested privileged credentials from the local PC in order to gain access to higher-level assets. The 2015 attacks on the U.S. Office of Personnel Management (OPM) followed a similar...

Seven Types of Privileged Accounts That Require Strong Security

In our last post, we explained the difference between privileged identity management (PIM) and privileged access management (PAM). PIM involves the identification of administrative accounts, which already exist on systems, and the association of individual users with those accounts. PAM secures privileged credentials and ensures they are used in accordance with established policy. We also defined the term “privileged,”...

Overcoming “Segregation of Duties” Challenges in 2019 and Beyond

As growing numbers of users need access to more on-premises and cloud resources, identity and access management (IAM) has become increasingly challenging. It’s virtually impossible to keep up with access requests using manual processes, so errors are bound to creep in. This can lead to orphaned accounts that remain active after the user changes roles or leaves the organization,...

The Essential Role of Automation in Cybersecurity

IT teams are overstretched. Business units need new applications and services spun up faster than ever before. At the same time, IT must maintain an ever-larger and increasingly complex environment and ensure robust security. New threats and vulnerabilities emerge every day, and security alerts never seem to let up. That’s why automation has become an essential part of any...

Many Federal Agencies Are Struggling to Meet ICAM Requirements

In 2009, the federal government began development of the Identity, Credential, and Access Management (ICAM) architecture to address security weaknesses across agencies in the areas of user identification and authentication. Established by the Office of Management and Budget (OMB), the federal ICAM program provides guidance on IT policies, systems, and standards that help agencies monitor, manage, and secure access...

How to Avoid a Catastrophic Active Directory Breach

A 2017 study by the University of Maryland’s Clark School of Engineering found that, on average, there’s a hacker attack on Internet-connected computers every 39 seconds. Many of these are brute-force attacks that attempt to gain access using common, weak credentials. If one of these attacks were to breach a corporate user’s machine, the hacker could potentially gain higher-level...

Why SaaS Requires Strong Privileged Access Management

Software-as-a-Service (SaaS) delivers real business benefits, including reduced capital and operational overhead, continuous software updates, and simplified remote access. However, many IT decision-makers are concerned their organizations aren’t doing enough to secure cloud-based solutions. In a recent study conducted by Vanson Bourne, 64 percent of IT decision-makers said their “organization’s SaaS adoption is outpacing their ability to secure it.”...

Privilege Escalation Vulnerabilities Create Critical Security Threats

A Google search of “privilege escalation” yields numerous articles about software bugs that hackers could exploit to gain elevated access to IT resources. In the past few months, Microsoft alone has released software updates that address two serious privilege escalation threats. In July 2018, security researchers reported a vulnerability in the Microsoft .NET Framework that could allow an attacker...

Kerberoasting: A Real Threat of Mythological Proportions

In Greek mythology, Kerberos (also spelled Cerberus) is the three-headed hound who guards the gates of Hades. Kerberos also has a snake for a tail, snakes protruding from his body, and eyes that flash fire. He’s not the sort of creature one would want to encounter. That’s why computer scientists at MIT chose the name Kerberos for a network...