Tag: PAM

How to Choose the Right Privileged Access Management Solution

Researchers who study large-scale data breaches have concluded that nearly all successful attacks involve privileged account compromise. In the 2017 Yahoo! breach, attackers began by stealing a user’s credentials, then harvested privileged credentials from the local PC in order to gain access to higher-level assets. The 2015 attacks on the U.S. Office of Personnel Management (OPM) followed a similar...

Five Tips for Protecting Privileged Access in DevOps and Cloud Environments

Rapid software development processes, IT automation, and the cloud enable organizations to respond more quickly to changing business demands. Increased agility brings greater risk, however. There are more opportunities for attackers to obtain privileged credentials that give them access to sensitive systems and data. Continuous integration and continuous delivery (CI/CD) processes require that DevOps teams have privileged access to...

Shifting Network Priorities Call for Zero Trust Security

“Trust no one.” That was one of the taglines for The X-Files, the popular science-fiction television series about FBI agents who investigate a series of bizarre, supernatural cases. It’s also becoming a mantra for modern network security. Faced with relentless cyber threats and expanding attack vectors, network security pros have begun to embrace a “zero trust” model as an...

CyberArk Privileged Session Manager: The Modern “Jump Server”

In our last post, we discussed how multifactor authentication (MFA) can help secure privileged accounts. Adding a second factor of authentication, such as a physical ID card or fingerprint, can prevent hackers from using a stolen username and password to gain access to a privileged account. That’s why security experts recommend MFA and many government and industry regulations require...

New Study Highlights Security Risks of Digital Transformation

Organizations are rethinking their operational models, finding new solutions to problems, and enhancing the customer experience by integrating technology into everything they do. That’s the essence of digital transformation (DX). Rather than simply building on what you have with new technology, DX is intended to drive innovation and reinvent internal processes and the external markets you serve. The problem...

PIM vs. PAM: What’s the Difference and Does It Matter?

Any organization seeking to improve the security of its privileged accounts will soon run into a pair of acronyms: PIM (privileged identity management) and PAM (privileged access management). The two terms are closely related and often used interchangeably, but there are distinct differences. Let’s start by defining what “privileged” means. A privileged account allows a user to take administrator-level...

Research Digs into Privileged Access Management Capabilities and Challenges

Traditionally, workers relied on IT teams to provide privileged access to the resources needed to perform tasks. Today, workers demand unprecedented rights to perform tasks on servers, applications, data, and other IT resources. While privileged access can increase user freedom and productivity and reduce administrative efforts and costs, security requirements are rarely a consideration. The key is to determine...

Privilege Escalation Vulnerabilities Create Critical Security Threats

A Google search of “privilege escalation” yields numerous articles about software bugs that hackers could exploit to gain elevated access to IT resources. In the past few months, Microsoft alone has released software updates that address two serious privilege escalation threats. In July 2018, security researchers reported a vulnerability in the Microsoft .NET Framework that could allow an attacker...

Kerberoasting: A Real Threat of Mythological Proportions

In Greek mythology, Kerberos (also spelled Cerberus) is the three-headed hound who guards the gates of Hades. Kerberos also has a snake for a tail, snakes protruding from his body, and eyes that flash fire. He’s not the sort of creature one would want to encounter. That’s why computer scientists at MIT chose the name Kerberos for a network...

How to Overcome the Challenges of Implementing Multifactor Authentication

A recent CTE Research survey confirmed what is already widely known: weak passwords continue to be a serious problem that most organizations haven’t done enough to address. The survey found that about four out of five data breaches involve weak or stolen passwords. Nearly half (47 percent) of survey respondents believe their company’s employees use simple or weak passwords,...