Webinar Thursday, Oct. 17: HyTrust | CA Technologies Webinar Invite: Privileged Identities = Unrestrained Access
Oct 17, 2013, Events
The insider threat, and the access that can be gained with compromised privileged identities, has come into greater focus in the wake of Edward Snowden’s admission that he leaked government secrets.
The director of the NSA, Gen. Keith B. Alexander, said his agency would institute “a two-man rule” that would limit the ability of each of its 1,000 system administrators to gain unfettered access to the entire system, writes the New York Times. “The scariest threat is the systems administrator,” said Eric Chiu, president of HyTrust quoted in the New York Times, Wall Street Journal, USA Today, and numerous other pubs as a result of the Snowden incident. “The system administrator has godlike access to systems they manage.” When insiders attack a company, it’s usually because an event, such as a denied vacation or being bypassed for a raise or a promotion. There is a 30-day window between a trigger event like these and when an employee will take action against an employer.
It isn’t just the risk of a rogue insider; it is also the risk of the privileged identity being compromised. Compromising an administrator’s account is like getting the master key to the datacenter. According to the most recent Verizon Breach Report, the most common way breaches occur is through stolen credentials, brute force attacks and backdoor/local accounts. The hackers are essentially using sophisticated APTs to steal credentials and impersonate employees to steal data. Administrative accounts, whether used by systems administrators or bad guys posing as employees, give unfettered access to the systems and data within the organization, enabling theft of confidential, top secret and financial/privacy information. Whether or not this is to sell on the open market or make public, the results are the same -- damage to brand, loss in shareholder value and jobs at stake. Virtualization and cloud infrastructure makes this problem worse, by enabling access to all VMs and other virtualized resources, plus little to no visibility into what administrators are doing.
Join security experts from HyTrust, CA Technologies and your peers as we discuss the issues around managing, monitoring and controlling privileged identities and what many organizations are doing to address them.