Network cables Michael Bocchieri/Getty Images
In this photo illustration, network cables are plugged in a server room on November 10, 2014 in New York City. U.S. President Barack Obama called on the Federal Communications Commission to implement a strict policy of net neutrality and to oppose content providers in restricting bandwith to customers

Access Control for Data Center Admins: CASB, SSO, or PAM?

Researchers agree that most enterprise security breaches involve stolen or weak passwords. Here are the main technological approaches to addressing this problem.

Controlling access is essential to cybersecurity, especially access to privileged accounts like those of data center and cloud administrators.

According to the latest Verizon Data Breach Investigation Report, 81 percent of hacking-related breaches involved either stolen or weak passwords, and 14 percent involved privilege misuse.

Other researchers back that up -- Forrester, for example, estimates that 80 percent of security breaches involved privileged credentials.

"Privileged credentials provide greater scope for stealing data en masse than individual accounts do," Forrester analyst Andras Cser writes in a report. "With privileged credentials, attackers can dump the entire database, bypass network traffic limitation, delete logs to hide their activity, and exfiltrate data easier."

At the very minimum, enterprises should try to implement a least-privilege policy, where employees only have access to the particular systems that they need, and roll out multi-factor authentication.

That might be enough for most employees, but system administrators, who hold the keys to the kingdom, need extra protection for their credentials.

To read the rest of this article, please register below:

TAGS: How to…
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish