Employees around the world are working hard to remain productive, but, as the mantra taking hold of the internet goes, “People are not working from home; they are at home during a crisis trying to work.” They are following 24/7 news. They are juggling a multitude of family obligations. They’re using personal devices and insecure home networks for both work and play. They are stressed and distracted. And, unfortunately, that means they are likely your organization’s weakest security link right now – especially those users requiring privileged access.
Privileged access is the gateway to an organization’s most valuable assets and is at the core of nearly every major data breach. One of the fastest, most effective ways to reduce risk across your remote workforce is to prioritize privileged access management (PAM).
For many employees, as they moved from the office to working out of their homes, their privileges changed to allow them to work more independently or handle new tasks. Without a strong plan for privileged access management in a time of crisis, it’s very easy for these new privileges to become new vulnerabilities for the company.
In a time of unprecedented change in the way we work, global economic uncertainty and relentless cyber threats, privileged access management matters today more than ever – here’s why:
- Protecting Against the Rising Insider Threat
We are all human and no one is perfect. We all make mistakes – especially when it comes to security. We save passwords in browsers, download unsanctioned apps or share sensitive files via collaboration tools. While not malicious in and of itself, these activities can unintentionally put data and systems at risk.
Attackers are banking on current chaos, targeting employees, contractors and other “trusted insiders” with a barrage of phishing and social engineering attacks. Successfully deceiving just one user is enough to kick-off a full system compromise. Starting with getting access to an endpoint, an attacker can establish a foothold inside the organization, escalate privileges and masquerade as a privileged insider. If the compromised user already has privileged access to business critical systems, sysadmins, RPA administrators, IT help desk team members or executives, the attacker has hit the jackpot.
While most insider threats are accidental, times of significant change can also fuel malicious insider attacks. If privileged access has not been properly managed, it’s easy for a disgruntled employee or financially motivated former contractor to use unrevoked credentials to legitimately bypass security measures.
Privileged access management solutions that offer insider threat protection allow organizations to give people only the necessary levels of access to do their jobs, helping to ensure activities occurring across the distributed network aren’t malicious and, if they are, enable security operations teams to take quick action.
- Securing Cloud Environments as Usage Skyrockets
While almost all organizations are moving toward the cloud, studies show 68% of companies are accelerating this journey to empower remote workers. And this makes sense for a number of reasons. Software-as-a-service (SaaS) solutions provide fast, streamlined ways for employees to connect and collaborate, store information and get their jobs done. Further, scalable SaaS tools are helpful to overworked IT teams, since they’re easy to deploy, cost-effective and eliminate infrastructure headaches. It’s a win-win for everyone.
But as organizations deploy cloud services in record number, many are doing so without fully considering the potential security risks. In fact, a recent CyberArk survey found that less than half of businesses have a PAM strategy in place for securing privileges in the cloud.
Yet, privileged credentials and secrets exist across cloud resources. And where privileges exist, attackers will be there, working to exploit them. In the rush to get new or expanded cloud environments up and running, security teams cannot afford to double back and fix issues after cloud services are deployed.
A strong PAM strategy accounts for everywhere privileges live – from SaaS applications, cloud management consoles, custom-built applications and cloud infrastructure to endpoints and on-premises environments. This gives organizations a comprehensive view of privilege-related risk and drives efficiency through an integrated approach.
- Securing Employee Endpoints
With the rise in remote work, securing employee workstations is more important than ever. But with employees working from home offices with insecure “BYOD” devices on insecure home networks – and making little distinction between work and personal use – this can be easier said than done. After all, a remote worker on their home computer isn’t restricted in what they can download or where they can go – even if that leads them to accidentally execute malicious software while playing browser games.
Unfortunately, many companies are creating similar situations on their employee workstations as well. Giving remote workers local admin rights allow them to download and install programs, connect and install devices and access corporate systems and information without having to go through IT or security teams – all of which are the exact same privileges that make BYOD risky.
Furthermore, those local admin rights are extremely useful for cyber attackers looking to escalate privileges, making the remote workers higher value targets.
Privilege management – as part of a broader defense in depth strategy for endpoints – is essential for containing cyber attacks early in their lifecycle. PAM enables organizations to efficiently remove and manage local admin rights and enforce least privilege, provide flexible just-in-time access and enforce application control to keep remote workers productive and secure.
- Securing Supply Chains in the Face of Rising Risk
This time of change and disruption extends beyond your remote workforce, impacting every third party vendor, contractor, consultant and service provider in your supply chain.
In fact, 90% of organizations provide third party vendors privileged access critical internal systems to manage data, patch or upgrade systems and more. Yet, these users are not managed by the organization, which makes it difficult to secure and control. Making matters worse, many of these third party vendors are also working remotely from disparate locations increasing the risk.
Traditionally, organizations have relied on VPNs and other legacy solutions to provide access. On top of not being able provide the granular permissions required to properly secure this level of access, VPNs also require agents and passwords which can add more work for the already overburdened IT operations teams – and can slow users down. Innovations in PAM technology are helping organizations overcome these challenges by authenticating vendor users with biometrics and multifactor authentication (MFA). These approaches help organizations remove operational overhead, keep vendor workflows intact and improve overall cybersecurity.
Prioritizing Privileged Access Management Today
As we look toward the future of our “new normal” – which will likely include more permanent remote workers across organizations and their supply chains and the onboarding and maintenance of new applications and services– privileged access management is key to preventing costly security breaches in the future caused by lax security measures in the here and now.
Cyber attackers are persistent and prepared for the “long game” and security professionals need to have the same persistence. Implementing a modern and comprehensive PAM strategy is a great place to start.