Ekran System Blog

News, opinions, and industry insights

How Escalating Privileges Can Shake your Enterprise Security

Category: 

Beware of giving user privileges to one individual or a small group of individuals. Although they may need to know the ins and outs of your corporation, they can do irreparable harm. Tales of espionage and cyber-attacks happen in any type of corporation. It is a reality for many businesses. Cyber-attacks can come from hackers, a corporation's own employees, or any type of business partner that has access to computers and networks.

 

Businesses hold intellectual property and private customer information as well as technical resources that should be kept as close to the corporation’s security wall as possible. There are threats from within such as employee dissatisfaction or an employee who tries to be an Edward Snowden and take classified information to use for his/her own purposes.

 

There is a fundamental weakness in many business infrastructures. Weaknesses are the harm that privileged users can do to your company.

 

Privileged Users in an Organization

 

Privileged user accounts are a security risk to businesses due to Advanced Persistent Threats or APTs. Security professionals have seen an increase in APTs as well as malware programs that gain access to delicate data by reproducing privileged user log in details.

 

Privileged users can cost an organization up to 5% of its revenues. This type of behavior by privileged users has captured the attention of security and CIOs around the world.

 

Inside breaches can damage the company’s reputation, market advantages, and the bottom line. It can cost a company billions of dollars. Most IT budgets are not dedicated to fighting insider threats. Privileged users, who want to harm a corporation, know that IT departments are targeted not on insider threats, but external threats.

 

A "sloppy" employee with ordinary network privileges may periodically receive a help desk ticket requiring him to log out and log back in as a system administer. Once the job is done, often this one-time privileged user remains logged in as a system administrator and exposes the network to security vulnerabilities.

 

A privileged user, who has access to the company network, can easily click on a malicious link. This link will eat through company systems without being stopped because no one thinks to check on the higher user privileges.

 

Mitigation

 

Mitigating privileged user abuse begins with a layered strategy that implements best practices, involvements, an understanding of human behavior, and using auditing and monitoring principles. Knowing that an organization has a monitoring and auditing technology policy can be a huge deterrent against privileged user abuses.

 

A company needs privileged users to change protocols, add information and develop new systems. They may be the most valuable players in the organization. But, these same people can become a threat if not monitored. Protect your organization from these threats by implementing best practices and a flexible policy-based monitoring solution. Watch your privileged user’s activities and request documentation of what they are doing when on the system.

 

Read also about How to monitor employee performance.

 

Ekran System, user activity monitoring solution, can help you to detect insider threats across your enterprise and mitigate corresponding risk. Our solution records and monitors activities of all users, including privileged ones, and clearly displays how their escalating privileges shake your enterprise security. Learn how to configure Ekran System Clients so that they monitor only users logging in under privileged accounts.