Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Security threats from the inside

Adam Bosnian | April 9, 2009
Remember, trust is not a security policy, and the damage that insiders can do should not be under-estimated.

Last year, the city of San Francisco in the US was brought to its knees because an employee locked down the citys IT system through a privileged account. And more recently, a Fannie Mae employee implanted a logic bomb on the companys network because access to his privileged accounts was immediately revoked upon his termination.

If youre concerned about this happening at your organisation, here are specific steps you can take to help prevent severe security incidents:

1.    Improve internal security controls around privileged accounts via encryption, password protection, and auditing of system access;

2.    Reduce the risk of internal data misuse by implementing policies and technologies which provide special treatment for privileged identities and ensure compliance with regulatory requirements;

3.    Ensure administrative and application identities and passwords are changed regularly, highly guarded from unauthorised use and closely monitored, including full activity capture and recording;

4.    Avoid sloppy habits when exchanging privileged and sensitive information, such as sending sensitive or highly confidential information via e-mail or writing down privileged passwords on post-it notes;

5.    Ensure provisioning, and more importantly deprovisioning of user access in an immediate timeframe after employee status or role changes.

Remember, trust is not a security policy, and the damage that insiders can do should not be under-estimated. To thwart this threat, the first big step is making that key decision to effectively manage these privileged accounts, and then doing so in a streamlined manner that makes it efficient and transparent to the user.

Streamlining the management of privileged accounts by controlling who has access, when access was gained, what is being done with the sensitive data and why access is needed is critical in preventing a major security incident from occurring at your company.

Adam Bosnian is the vice president of products, strategy and sales at Cyber-Ark Software. He is responsible for the global product and business strategy of the company as well as for managing the North American sales organisation and growing the business in this area.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.