
Privileged user management remains a challenge when it comes to embedded passwords or poor control of user access


The importance of privileged user management has been highlighted as a key area of data loss prevention (DLP) and network management.

Cyber-Ark VP of products, strategy and sales Adam Bosnian claimed that DLP is able to track where malware comes in from, but the first action should be to close the door. He said that there is a need first to understand privilege, then process privileged users and use a rational thought process and a device to implement identity ‘rather than wait for an attacker to put a stick in your eye’.

He said that there is a concern with how to deal with applications logging into systems that use embedded passwords with an application login. He said: “You had your PCI audit but users have built in passwords, so how secure is the web app? This is where you will fail an audit, if you do a simple seek you will find an account that can login to your network and the database does not know it is the application logging in or not.

“The consumer is the biggest risk as you have spent money on securing the network but look at data losses, the biggest thing is the insider threat. We are putting a band-aid over the problem, are your privileged accounts controlled? You think the problem is sorted, but it is not in any way as you have not secured your privileged accounts.”

He claimed that companies are waking up to the reality of privileged user management but the process to get it protected and recognised is taking too much time.

He said: “How many people use the 'admin' account? 150 people? It could be a negligent problem; the ability to track identities is important and preventative. Who is sysadmin? Now whose problem is it, and can I fix the application problem?”

Commenting, Simon Godfrey, director of security solutions at CA, said that he could see the challenge and that a problem lies with outsourcing. He said: “You outsource the management of systems, you are giving control to someone you do not know, but there is a big rule of expulsion if you are found to be doing it, but it is not effective to regulatory needs to show examples.”

Andrew Clarke, managing director EMEA at e-DMZ Security, commented that the privileged passwords used to access systems and applications are often shared or badly secured. The root of the problem is that data centres have many infrastructure devices such as firewalls, routers, and storage that are built with hard-wired user names such as ‘Administrator’, ‘Root’, ‘db2admin’, or ‘System’ to allow management of the device, or troubleshooting in the event of problems.

Many applications are also shipped with administrator passwords, which give access to important underlying functions such as configuration or integration capabilities. The same is true of operating system products, for example root directory access within Unix and Linux.

“Organisations face further problems due to legacy code in which the administrator passwords are hard-coded into operational code, in order to facilitate application-to-application, or application-to-system integration. Whether passwords in an organisation are hard-coded, shared, or otherwise inappropriately secured, the result is increased risk,” said Clarke.
