This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Privileged user management remains a challenge when it comes to embedded passwords or poor control of user access

Share this article:

The importance of privileged user management has been highlighted as a key area of data loss prevention (DLP) and network management.

Cyber-Ark VP of products, strategy and sales Adam Bosnian claimed that DLP is able to track where malware comes in from, but the first action should be to close the door. He said that there is a need to firstly understand privilege, then process privileged users and use a rational thought process and a device to implement identity ‘rather than wait for an attacker to put a stick in your eye'.

He said that there is a concern with how to deal with applications logging into systems that use embedded passwords with an application login. He said: “You had your PCI audit but users have built in passwords, so how secure is the web app? This is where you will fail an audit, if you do a simple seek you will find an account that can login to your network and the database does not know it is the application logging in or not.

“The consumer is the biggest risk as you have spent money on securing the network but look at data losses, the biggest thing is the insider threat. We are putting a band-aid over the problem, are your privileged accounts controlled? You think the problem is sorted, but it is not in any way as you have not secured your privileged accounts.”

He claimed that companies are waking up to the reality of privileged user management but the process to get it protected and recognised is taking too much time.

He said: “How many people use the 'admin' account? 150 people? It could be a negligent problem; the ability to track identities is important and preventative. Who is sysadmin? Now whose problem is it, and can I fix the application problem?”

Commenting, Simon Godfrey, director of security solutions at CA, said that he could see the challenge and a problem lies with outsourcing. He said: “You outsource the management of systems, you are giving control to someone you do not know, but there is a big rule of expulsion if you are found to be doing it, but it is not effective to regulatory needs to show examples.”

Andrew Clarke, managing director EMEA at e-DMZ Security, commented that access to systems and applications using privileged passwords are often shared or badly secured. The root of the problem is that data centres have many infrastructure devices such as firewalls, routers, and storage that are built with hard-wired user names such as ‘Administrator', ‘Root', ‘db2admin', or ‘System' to allow management of the device, or troubleshooting in the event of problems.

Also many applications are shipped with administrator passwords, which give access to important underlying functions such as configuration or integration capabilities, as also are operating system products such as root directory access within Unix and Linux.

“Organisations face further problems due to legacy code in which the administrator passwords are hard-coded into operational code, in order to facilitate application-to-application, or application-to-system integration. Whether passwords in an organisation are hard-coded, shared, or otherwise inappropriately secured, the result is increased risk,” said Clarke.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

4% of Googlebots are fake and can launch attacks

4% of Googlebots are fake and can ...

Admins' fear of damaging their SEO gives malicious search engine bots a 'VIP pass' into sites.

Brit Lauri Love faces more US hacking charges

Brit Lauri Love faces more US hacking charges

Lauri Love, a 29-year-old British man from Stradishall in Suffolk, has been charged by a US court with hacking into multiple US government computers and stealing more than 100,000 employee ...

More questions than answers as BBC outage fuels DDoS talk

More questions than answers as BBC outage fuels ...

The British Broadcasting Corporation was hit by a prolonged outage on its website and iPlayer video-on-demand service (VOD) last weekend, raising questions about the cause and whether it was subjected ...