+1-202-802-9399 (US)

Thycotic’s Cyber Security Publication

How to kick start your least privilege strategy as we begin 2019

January 15th, 2019


Least Privilege Cybersecurity for Dummies

As we open 2019, we are expecting the issue of least privilege cybersecurity to become a priority for companies across the spectrum. One of the big reasons, of course, is that 80 percent of breaches today involve the compromise of IT and business user credentials including usernames and passwords.  To combat the exploitation of compromised accounts, organizations increasingly recognize how important it is to secure and protect privileged access across the enterprise for super users and business users, services, applications, data and systems.

The concept of least privilege cybersecurity has come to the forefront because it offers a means to proactively make sure that when credentials are hacked or abused (and we should assume they will be sooner or later), privileges are restricted or limited so that any exploitation can be quickly detected and contained.  This is particularly important in securing hundreds or even thousands of vulnerable endpoints.  However, restricting privileged access poses significant challenges that must be addressed.

How do we prevent overprivileged access without negatively impacting productivity?

If users can’t get access to an account, server or device such as a printer or application, they will have to call the helpdesk. Helpdesk staff, under pressure to keep things running, all too often end up granting more privileges than needed to get users quickly back on track.  The dilemma becomes:  How do we prevent overprivileged access by users, applications and services without negatively impacting productivity?

To help organizations understand the principle of least privilege and how to successfully implement a least privilege strategy, I’ve just authored a new eBook, published by Thycotic called Least Privilege Cybersecurity for Dummies.

Much like the previous two “Dummies” books that I’ve authored (PAM for Dummies, Cybersecurity for Dummies), this new book gives you an easily readable 16-page introduction to least privilege cybersecurity that you can share with your IT staff as well as business users and executives.

Learn the five key action steps to help assure success in implementing least privilege

The book explains how to define least privilege cybersecurity, with examples to illustrate the dangers of overprivileged users. It shows how to lay the proper groundwork for implementing a least privilege strategy in terms of identifying critical data assets, mapping them to privileged accounts, and incorporating a privileged account lifecycle of protection.  It then provides five key action steps to help assure success in implementing least privilege, including the combination of least privilege with application control—essential to any least privilege plan.

Before you make any decisions to deploy an Endpoint Protection Platform (EPP), or any kind of complex Endpoint Discovery and Remediation (EDR) solution, you need to consider how a implementing a least privilege strategy with application control could work in your organization.  It could save you enormous amounts of time and resources by limiting privileges to stop exploits in their tracks.

Remember, all it takes is one compromised endpoint with local administrator rights for a cyber criminal or malicious insider to exploit your network undetected and put your entire enterprise at risk.  Your journey to a least privilege solution starts by reading this free eBook.

SHARE THIS


The following two tabs change content below.

Joseph Carson

Joseph Carson has over 25 years' experience in enterprise security, is the author of "Privileged Account Management for Dummies" and "Cybersecurity for Dummies", and is a cyber security professional and ethical hacker. Joseph is a cyber security advisor to several governments, critical infrastructure, financial and transportation industries, speaking at conferences globally. Joseph serves as the Chief Security Scientist at Thycotic.

Leave a Reply

ERROR: si-captcha.php plugin: GD image support not detected in PHP!

Contact your web host and ask them to enable GD image support for PHP.

ERROR: si-captcha.php plugin: imagepng function not detected in PHP!

Contact your web host and ask them to enable imagepng for PHP.