5 Quick Wins To Protecting Privileged Accounts

One of the most effective ways to reduce the risk of a severe breach is by developing a comprehensive strategy to address and secure accounts with privileged access. These accounts are domain administrator accounts, database accounts, application accounts, and network infrastructure accounts. These accounts are the most desired type of accounts that hackers are after because they are essentially the keys to the kingdom of data and IT. They can cause the most damage and be the most lucrative from an attackers perspective. Therefore, by managing these accounts in a secure and comprehensive manner, the risk of a breach against these types of accounts is reduced. To get started, there are five quick wins that can be implemented to start the journey of privileged access management.

5 Quick Wins To Protecting Privileged Accounts

1. Discovery and Documentation of all Privileged Accounts.
"You don't know what you don't know" is a security risk.

  • Discovery and Documentation of all Privileged Accounts
  • Separate the Systems Administrator from the Domain Admin Account
  • Remove Local Administrator Accounts from client systems
  • Enforce password complexity, lockout thresholds, and rotation requirements
  • Remove redundant privileged accounts and minimize rights of each

  • Critical questions that need to be asked
  • Develop a comprehensive PAM strategy
  • Establish PAM security rules and controls
  • Integrate PAM to other types of security solutions (SIEM)
