Zero Trust for Protecting Privileged Accounts During Covid-19


We are all aware of what has been happening around the world. Economies have hit new lows; many companies have gone out of business, some are trying to stay afloat, and some are struggling to retain normalcy amid the digital shift. A big risk for organizations today is their own lack of digital preparedness. Most companies that were on the fence about remote work no longer have a choice in many cases. Normal access provisioning and maintaining digital identities are already a challenge, but securing privileged accounts amidst a pandemic is crucial: despite the worldwide digital struggle, there are bad actors who are willing to take advantage of this vulnerability.

External perimeters no longer serve you the best

Businesses can remain in denial about their security posture. They could even retain their stance that the good old castle-and-moat approach, protecting the network through an external perimeter, is the way to go. This will not change the fact that their old methods will land them in trouble sooner rather than later.

Firewalls, VPNs and the like are all integral components in ensuring security. The answer to comprehensive security lies in combining such solutions with the technology and approaches that are the need of the hour. This isn’t a phenomenon occurring as a result of the pandemic alone; the need for upgrading security measures has been around for quite some time. It is probably more apparent now due to the lack of options to fix a problem “hands-on”.

Here are some statistics for you –

  1. According to Forrester’s “Stop the Breach” report, 83% of organizations do not have a mature approach to access management, resulting in two times more breaches.
  2. According to another Forrester report, 80% of the security breaches involve privileged credentials.

These statistics do not account for the digitally unstable shift that we are undergoing.

The only answer to this predicament is a Zero Trust policy. Although this security model has been around for quite some time, it has met with mixed reactions. Zero trust essentially follows a simple protocol, “always verify, never trust”. Simple, isn’t it?

The only part you should be focusing on is the underlying message. There is no access or identity, be it human or non-human, that you should trust without verifying. For the longest time, it has been believed that once users are inside the corporate network, their accesses are safe. This “trust” factor is exactly what a hacker counts on. They could easily obtain credentials and, owing to the elevated trust the network grants, move about with those credentials, undetected, for months.

With zero trust, every access, every device is subject to verification, depending on your policies.

The need for a Zero Trust Model with Privileged Access Management during Covid-19

Scaling back from PAM accesses to normal accesses, the sudden remote work culture has left several loopholes:

  • Usage of personal devices that are not “IT proofed” due to a lack of infrastructure availability
  • The surge of access requests, resulting in accesses being allowed for the sake of it and not revoked on time

To make do, companies have resorted to Remote Desktop Protocol (RDP) and VPN. Although these are necessary, they can’t be the final line of security. There has been a rise of 41% in the use of RDP and 33% in the use of VPN. This means organizations are seeking better, more secure ways of functioning. Yet, certain other facts cannot be ignored.

Bitdefender warned that TrickBot, a credential-stealing Trojan, added a new module that uses infected computers to launch RDP brute-force attacks.

In the UK, users with Microsoft 365 accounts are being targeted with phishing emails.

The FBI warned that “mobile banking platforms” are being targeted by hackers, with an alarming 50% surge since the beginning of the pandemic.

All of these point towards one thing: a more comprehensive security model with Identity and Access Management at the forefront is what is needed. It is not an add-on. It isn’t even a luxury. It is the key to staying secure.

Considering how privileged accounts are the most at risk, organizations willing to move towards a zero trust security model should start from there.

Multifactor authentication at all times – PAM accounts’ credentials are changed periodically or after every use, but this cannot be the only verifying factor. A more in-depth understanding of the identity trying to log in is crucial. Attributes such as where the login is coming from (location), IP address and device endpoint must all be taken into account. If there is a deviation from the usual attributes, it triggers a step-up authentication, or the access is blocked, depending on the sensitivity of the data.
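
The decision described above, sketched as an added example (not code from the original article or from any PAM product). The attribute names, the 'low'/'high' sensitivity labels and the sample baseline are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Baseline:
    """Usual login attributes of one privileged account."""
    countries: frozenset
    networks: tuple      # CIDR ranges the account normally connects from
    devices: frozenset   # endpoint IDs enrolled for this account

@dataclass(frozen=True)
class Attempt:
    country: str
    ip: str
    device: str
    mfa_passed: bool

def deviations(attempt, baseline):
    """Name every attribute that differs from the account's usual values."""
    found = []
    if attempt.country not in baseline.countries:
        found.append("location")
    addr = ipaddress.ip_address(attempt.ip)
    if not any(addr in ipaddress.ip_network(n) for n in baseline.networks):
        found.append("ip_address")
    if attempt.device not in baseline.devices:
        found.append("device")
    return found

def decide(attempt, baseline, sensitivity):
    """Return (decision, reasons); sensitivity is 'low' or 'high' (assumed labels)."""
    if not attempt.mfa_passed:
        return "deny", ["mfa_missing"]   # MFA is required on every attempt
    reasons = deviations(attempt, baseline)
    if not reasons:
        return "allow", reasons
    # A deviation means step-up for low-sensitivity data and a block otherwise;
    # unknown sensitivity labels fail closed.
    return ("step_up" if sensitivity == "low" else "block"), reasons

# Constructed sample data (documentation IP ranges, made-up device IDs).
BASELINE = Baseline(frozenset({"IN"}), ("192.0.2.0/24",), frozenset({"laptop-01"}))
USUAL = Attempt("IN", "192.0.2.10", "laptop-01", True)
NEW_IP = Attempt("IN", "203.0.113.7", "laptop-01", True)

if __name__ == "__main__":
    for data in ("low", "high"):
        print(data, decide(USUAL, BASELINE, data), decide(NEW_IP, BASELINE, data))
```

Returning the list of deviating attributes alongside the decision gives the audit trail a reason for every step-up or block.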

Regular monitoring – PAM access must be monitored vigilantly. Which resources are being used? What changes has the user made? What has been downloaded? Is anything being sent out of the network (if you don’t have a DLP)?

This data not only lets you track what happened when something goes wrong, but also lets you be proactive rather than reactive with security measures.
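
The monitoring questions above, answered per privileged session from audit records, as an added example that is not part of the original article. The key=value log format, the sample lines and the internal network ranges are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample audit lines in a hypothetical key=value format.
SAMPLE_LOG = """\
session=s1 user=dbadmin action=access resource=db-prod-01
session=s1 user=dbadmin action=change resource=db-prod-01 detail=ALTER_USER
session=s1 user=dbadmin action=download resource=customers.csv bytes=52428800
session=s1 user=dbadmin action=transfer resource=customers.csv dest=203.0.113.50
session=s2 user=netops action=access resource=fw-edge-02
session=s2 user=netops action=transfer resource=fw-config.bak dest=10.20.0.15
this line is malformed
"""

# Assumed internal ranges; any other destination counts as leaving the network.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

def is_external(dest):
    addr = ipaddress.ip_address(dest)
    return not any(addr in net for net in INTERNAL_NETS)

def new_session():
    return {"user": None, "resources": set(), "changes": [],
            "downloads": [], "sent_out": []}

def session_report(log_text):
    """Group audit events per privileged session; return (report, skipped lines)."""
    report, skipped = defaultdict(new_session), 0
    for line in filter(str.strip, log_text.splitlines()):
        try:
            ev = dict(field.split("=", 1) for field in line.split())
            sid, user, action, res = (ev[k] for k in ("session", "user", "action", "resource"))
            entry = report[sid]
            entry["user"] = user
            if action in ("access", "change"):
                entry["resources"].add(res)          # which resources are used
            if action == "change":
                entry["changes"].append((res, ev["detail"]))
            elif action == "download":
                entry["downloads"].append((res, int(ev["bytes"])))
            elif action == "transfer" and is_external(ev["dest"]):
                entry["sent_out"].append((res, ev["dest"]))  # left the network
        except (KeyError, ValueError):
            skipped += 1   # malformed line: count it rather than hide it
    return dict(report), skipped
```

A non-zero skipped count is worth alerting on in its own right, since gaps in the audit trail undermine the tracking the paragraph relies on.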

Privileged access management can be the start to securing your organization with a zero trust powered Identity Management solution. There is no better time than now to see for yourself how this crucial security model can ensure security despite the digital conundrum we’re in.

 
