IDC Connection (Part 3): Best Practices for On-going Privilege Protection
May 30, 2014 | Uncategorized | CyberArk
In our previous posts, we highlighted parts one and two of a conversation on privileged account security with IDC analysts Charles Kolodgy and Sally Hudson. Here is the third and final part of that conversation.
This post includes a discussion around best practices when dealing with advanced threats. Below are IDC’s recommendations.
CyberArk: What recommendations do you have for companies beginning to look at protecting privileged accounts? What are some best practices to maximize protection while minimizing burden to the business?
IDC: The first step towards protection is to manage all privileged credentials, whether associated with users, applications, or network devices. One key capability to deter attacks is to offer rotating credentials. Another is to monitor and analyze log data to provide real-time information on potential threats. This actionable information can provide response teams with the intelligence needed to disrupt an attack and accelerate remediation. This intelligence data also provides a rich data set for auditors. Monitoring and analytics is a natural extension of a privileged account security solution and a clear differentiator for the vendors who include it. We recommend a number of best practices including working with a vendor that has deep experience in the area of privileged account security versus a broad-based identity management provider that does not provide deep functionality in this area. Companies should also look for vendors with a comprehensive solution that can scale and expand as security needs change and evaluate the solution’s ease of use.
Privileged account security is a critical component of any security profile. If an organization is not monitoring and analyzing the activity of all privileged accounts, then they are leaving the door open for a targeted, damaging attack. A correctly deployed privileged account security solution provides compelling ROI for an organization by easing the burden on the IT security team and providing them with a single platform from which to manage user activity.