Privileged identities are accounts that hold elevated permission to access files, install and run programs, and change configuration settings. These keys to your IT kingdom exist on virtually every server and desktop operating system, business application, database, Web service, and network appliance in your organization.
Risks of Unsecured Privileged Identities
Privileged identities aren’t controlled by your identity access management (IAM) system, so in all likelihood:
- You do not know of all the privileged logins that exist on your network;
- You have no record of which privileged credentials are known to different individuals;
- You have no proof of who has used privileged logins to gain access to any of your IT resources, when, and for what purpose;
- There is no way to verify that each of your privileged account passwords are cryptographically strong, are sufficiently unique, and are changed often enough to be secure;
- You have no reliable list of privileged logins stored within your applications, and no way to know which in-house and vendor personnel can use these credentials to access sensitive information.
Risks of Unsecured Privileged Identities (click to enlarge)
Controlling Privileged Account Access
Enterprise Random Password Manager (ERPM) from Lieberman Software can help your organization's privileged account management through a four-part I.D.E.A. process:
- Identify and document critical IT assets, their privileged accounts and their interdependencies.
- Delegate access to privileged credentials so that only appropriate personnel, using the least privilege required, can login to IT assets.
- Enforce rules for password complexity, diversity and change frequency, and synchronize changes across all dependencies.
- Audit and alert so that the requester, purpose, and duration of each privileged access request is documented.
ERPM continuously discovers, strengthens, monitors and recovers local, domain and process account passwords in the cross-platform enterprise. It identifies, secures and manages the privileged identities found throughout your IT infrastructure, including:
- Super-user login accounts utilized by individuals to change configuration settings, run programs and perform other administrative duties.
- Service accounts that require privileged login IDs and passwords to run.
- Application-to-application passwords used by web services, line-of-business applications, custom software, and other applications to connect to databases, middleware, and more.
Business Value of Privileged Identity Management
Taking control of privileged identities can help your organization:
- Reduce IT staff workloads by eliminating the manual steps required to secure privileged account credentials, access systems for maintenance, and document each access.
- Improve IT governance by automatically documenting which individuals have access to sensitive data and the ability to make changes that impact IT service delivery; at what times, and for what purpose.
- Lower cost and uncertainty of IT regulatory compliance audits by providing detailed reports that prove compliance with today’s regulatory standards including SOX, PCI-DSS, HIPAA, SANS Critical Security Control 12, and others.
- Mitigate risks whenever planned and unplanned changes happen in your IT environment or IT staff turnover occurs.
To learn more about how Lieberman Software can help you secure the privileged identities in your enterprise, contact us to arrange a free product evaluation.