What is Privileged Identity Management?

Any IT infrastructure hosts a multitude of accounts, each with its own level of rights and privileges. Some are ordinary user accounts that may not have the rights to access files, install programs or change configuration settings. Other accounts within the same infrastructure have different permission levels and may hold some or all of these rights. These accounts with higher permission levels are known as Privileged Identities (PIs), superuser accounts or super control accounts.

Usually such accounts are held by senior management members like the CEO, CIO and Database Administrators (DBAs). A lot of care is needed to ensure that PIs are not abused or misused. This is where Privileged Identity Management (PIM) has a role to play. PIM is a domain within Identity Management (IM) that focuses on the monitoring, governance and control of such powerful accounts within an organization.


How important is Privileged Identity Management for an organization?

PIM is very important for an organization because the governance of PIs is usually not stringent, and PIs are generally not controlled by the network's Identity and Access Management (IAM) system. In most cases, the IAM software leaves PIs unregulated while imposing strict privileges on the rest of the network. What complicates the problem is that the senior people who own these accounts seldom have formal training in managing them. This puts the whole network at grave risk, because improperly managed PIs are a hotbed for leaks of sensitive corporate information. Furthermore, they pose a danger of compromising the entire network through malware.

What are the risks of unmanaged Privileged Identities?

A 2009 report prepared by Northrop Grumman Corporation for a US congressional committee clearly outlines the extent of the threat. According to the report, US government and private sector information, once unreachable or requiring years of expensive technological or human asset preparation to obtain, can now be accessed and manipulated with comparative ease using computer network operations tools.

A recent American study by Ponemon Institute outlined that privileged users and their credentials form the core of a continuing series of security breaches across various sectors, including government and financial services. It goes on to state that in a recent 12-month period, 110 million Americans were impacted and 432 million accounts were compromised in data breaches. Analysis of those breaches reveals that privileged users and their credentials are at the core.

Unmanaged PIs can be used by insiders and external hackers to steal highly confidential information and compromise the entire network. Some matters of concern include:

  • Usually the different PIs that exist on a network at a given point in time are unknown
  • No one knows which privileged credentials are known to whom
  • No one can confirm how strong the passwords to these accounts are and how often they are changed
  • It is almost impossible to prove who used these privileged logins to gain access to which data, and for what purpose

Because of the above-mentioned reasons, these PIs become the prime targets of hackers and malicious insiders today. The intruders usually combine bugs and vulnerabilities in the firewall software with social grafts to access individual computers inside secure networks. Once they are able to access a single computer, they use PIs and administrative accounts to map the organization’s IT infrastructure and retrieve sensitive information so fast that they can bypass conventional safeguards.

How do you securely implement a Privileged account policy within an enterprise?

The implementation of a privileged account policy will go a long way toward managing PIs efficiently and preventing their abuse. A secure privileged account policy should incorporate ways of:

  • Identifying and documenting critical IT assets, their privileged accounts and the interdependencies
  • Enforcing rules for password complexity and diversity
  • Ensuring that change frequency for passwords is adhered to
  • Synchronizing both the points mentioned above, across all dependencies
  • Continuously auditing and documenting the requestor, purpose and duration of each privileged access request
  • Building the capabilities to play back privileged sessions either historically or in real time (while the session is still active) and ensuring the continuous monitoring of privileged user accounts and web sessions
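
The inventory, password change frequency and request documentation points above can be checked mechanically. The following is an added example, not part of the original article; the record layout, account names and the 90-day rotation limit are assumptions, and all sample data is constructed.

```python
from datetime import date

MAX_PASSWORD_AGE_DAYS = 90  # assumed rotation limit; the article names no number

# Constructed inventory: privileged account -> asset, who knows the credential, last rotation
INVENTORY = {
    "root@db01": {"asset": "db01", "custodians": ["dba-team"], "rotated": date(2024, 5, 20)},
    "admin@fw-edge": {"asset": "fw-edge", "custodians": [], "rotated": date(2023, 11, 2)},
}

# Constructed privileged access requests (requestor, purpose, duration in minutes)
REQUESTS = [
    {"account": "root@db01", "requestor": "alice", "purpose": "schema patch", "minutes": 30},
    {"account": "admin@fw-edge", "requestor": "bob", "purpose": "", "minutes": None},
    {"account": "svc-backup@nas02", "requestor": "", "purpose": "restore test", "minutes": 15},
]

def audit(inventory, requests, today, max_age_days=MAX_PASSWORD_AGE_DAYS):
    """Return sorted (account, finding) pairs for gaps against the policy points."""
    findings = set()
    for name, rec in inventory.items():
        # "No one knows which privileged credentials are known to whom"
        if not rec["custodians"]:
            findings.add((name, "no documented credential custodian"))
        # Password change frequency must be adhered to
        age = (today - rec["rotated"]).days
        if age > max_age_days:
            findings.add((name, f"password {age} days old, limit {max_age_days}"))
    for req in requests:
        acct = req["account"]
        # A privileged account in use but never inventoried is an unknown PI
        if acct not in inventory:
            findings.add((acct, "privileged account missing from inventory"))
        # Each request must record requestor, purpose and duration
        for field in ("requestor", "purpose", "minutes"):
            if not req.get(field):
                findings.add((acct, f"access request lacks {field}"))
    return sorted(findings)

if __name__ == "__main__":
    for account, finding in audit(INVENTORY, REQUESTS, date(2024, 6, 1)):
        print(f"{account}: {finding}")
```
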
