IT Security & High Risk Users Management Blog | WALLIX

The biggest insider threat you face isn't a person

Written by WALLIX | Dec 15, 2014 11:53:06 AM


It’s all those privileged accounts being shared around.

Ensuring greater control over privileged accounts

  

Since Snowden it feels like we spend quite a lot of time eyeing that colleague at the coffee machine or photocopier and asking ourselves, “Are they disgruntled?” or “Are they siphoning away our valuable corporate and customer data?”. Certainly there is the potential for anyone with access to data inside a business to share it with the outside world, but we must begin by ensuring greater control over access to that data in the first place.

 

"Who has access?"

It’s most likely that these kind of assets will exist on servers in your datacentre, which leads to the obvious question, “who has access?” In many, many cases admin account passwords for all kinds of systems are still being shared around, instead of giving individual access that can be revoked when a person leaves or their role changes.

 

Passwords are valuable: don't show them off

In the worst case scenario these accounts are even publicised to ensure that EVERYONE knows how to logon. Take a look at this blog from Naked Security which captures login credentials on a whiteboard during a TV interview!

In the wake of the TV5 hack in France we've seen this flagrant disregard for the value of passwords rear it's head again, those bits of paper stuck to the wall behind TV5Monde reporter David Delos are credentials for their various social media accounts.

 

 

Centralize and manage access to critical resources

Any kind of regulation will require you to be able to prove which individuals have access to which resources. Why not consider how a tool that would help you centralise that work without having to change local accounts on each server could help you meet that requirement, you can see how Wallix does it in the video below.