February 4, 2013 | Uncategorized | John Worrall
by John Worrall
If you happen to read our blog and industry commentary on a regular basis, then you understand our commitment to highlighting the direct connection between privileged accounts and advanced internal threats and cyber attacks. In almost every cyber attack, there is a link between the pathway used by the hackers and poor security around privileged accounts.
However, while privileged accounts exist everywhere – on servers, databases, network devices, in your telephony system, embedded in applications –in 2011, according to the 2012 Verizon Data Breach Investigations Report, 94% of the data stolen during sophisticated cyber attacks came from servers.
One way to proactively mitigate the impact of these data breaches is to attain separation between sensitive and non-sensitive assets within your network. By creating an isolated zone, organizations can, conceivably, minimize the risk that a potential attacker could access sensitive data.
One traditional approach to creating this separation involves the use of jump servers, also known as jump hosts, golden hosts, jump boxes or bastion hosts. However, much like other conventional security approaches—such as firewalls and other perimeter security initiatives—simply deploying jump servers ignores the impact of the privileged connection. The fact remains that, while isolation of sensitive assets (via a jump server solution) is indeed a mandatory security step to control access to sensitive data, something is missing. The problem, of course, is that if the solution is unable to create the only control point into the target server (a privileged account), then a malicious insider or external attacker can still hijack the privileged administrator password, bypass the whole jump server solution and cause havoc.
Fortunately, there may be a solution, and it is not simply locking down privileged accounts through proactive management and continuous monitoring. As we outline in a new whitepaper, aptly titled, “Isolation, Control & Monitoring in Next Generation Jump Servers,” unlike homegrown jump servers that still require a privileged credential to access targets system, a new class of Next Generation Jump Servers can effectively be deployed to merge isolation, control and monitoring into a single solution to truly protect an organization’s sensitive business information. Take a look at the whitepaper to learn more and to understand how you can create isolation that blocks the spread of desktop malware and monitors for malicious activity—all while protecting the privileged accounts through pre-defined workflows enforced for every privileged session.
And of course, make sure to check out our integrated solution, Privileged Session Management (PSM) Suite, which acts as a secure proxy that organizations can use to isolate, control and monitor all privileged access to sensitive servers, databases or virtual machines.