by Sharron Malaver
In Biology, DNA encodes the genetic instructions used in the development and functioning of all known living organisms. DNA is found in every living cell and is the foundation for control over the organism.
The same could be said about privileged and administrative accounts in the enterprise. These powerful accounts are at the root of almost every enterprise function and exist throughout the IT infrastructure. These accounts are found on desktops, laptops, databases, applications, network devices, and throughout cloud deployments.
Organizations want to manage these powerful accounts in order to minimize the associated risk of leaving them unattended constituting critical points of attack on the organization. However, often organizations are not aware just how many privileged accounts they have or where they exist. Since this information is scattered across the organization there is a real challenge to attain a true picture as to the status of privileged accounts.
This is why Cyber-Ark recently introduced Cyber-Ark DNA™ (Discovery & Audit) – the industry’s first stand alone solution that rapidly locates all privileged, shared and generic accounts without having to install anything on target machines.
Identifying privileged accounts has traditionally been a manual process – taking hundreds of hours of time from IT and creating a long and complex audit process. Given the number and variety of privileged accounts, identifying these accounts manually and gaining an accurate picture when they were last changed or used, has been impossible. Cyber-Ark DNA is the Watson/Crick of the Privileged Account Genome – enabling organizations to expose the magnitude of the privileged account security risk within their organization and get accurate insight into the compliance status of these accounts in preparation for the next audit.
Identifying the Privileged Pathway
Cyber-Ark is currently offering businesses the opportunity to use Cyber-Ark DNA for a free self-assessment to discover where their privileged accounts – and risk – exist.
One customer, who wished to remain anonymous, recently used Cyber-Ark DNA and made some startling discoveries. The company was looking for a solution to manage privileged domain accounts. Cyber-Ark DNA was run on about 100 servers. This included servers that were part of the company’s effort to outsource some IT functions.
Cyber-Ark DNA discovered two things across these servers:
- Some of the servers scanned had unmanaged admin accounts created by the IT outsourcer and had not been changed for more than 200 days, despite being used recently which presented a tremendous security risk;
- Employees who had left the company created personal admin accounts which was a substantial audit finding
This discovery led to significant policy changes for the organization and put the management of local admins on a much higher priority level.
Why is this important? Privileged accounts are increasingly being used as high value attack points in almost every advanced attack, and were the root cause of breaches such as Saudi Aramco, Stuxnet, Red October, Subway Restaurants, Global Payments, the Utah and South Carolina breaches, and the U.S. Department of Energy among others.
Every privileged account is a potential attack point. Unmanaged and unprotected privileged accounts are a white flag to cyber-attackers that indicates your intellectual property and sensitive data is open for business.