1. Limit admin access to systems
The foremost step is to secure the network with privileged accounts as they become the top target of any attacker to seek access.
At the Black Hat USA 2016 conference in Las Vegas earlier this month, Thycotic, a specialist in privileged account management (PAM) solutions, surveyed more than 250 attendees among which were both black and white hat hackers. During the survey, Thycotic explained that the attacker gains entry into the network often by exploiting an end user computer, after which it elevates the privileges by compromising a privileged account which allows attackers to operate on a network as if they are a trusted IT administrator.
To be on guard against it, organizations should adopt a least privilege strategy in which privileges are only granted when required and approved. For IT admin privileged accounts, access to the accounts should be controlled and Super User Privilege Management for Windows and UNIX systems should be implemented to prevent attackers from running malicious applications, remote access tools, and commands. It administrators should mostly use standard accounts till not necessary.
2. Protect privileged account passwords
As hackers hijack privileged accounts, it gives them the ability to access and download a company’s sensitive data. Attackers can broadly distribute malware, destroy the data, bypass existing security controls and erase audit trails to hide their activity. It is difficult to manage privileged accounts which are necessary to today's IT infrastructure.
To top it all, organizations still rely on manual systems like spreadsheets to manage privileged account passwords which is an inefficient way and so the such systems are easily hacked, posing a major security risk to the entire enterprise.
Privileged Account password protection provides a comprehensive solution to automatically discover and store privileged accounts, schedule password rotation, audit, analyze, and manage individual privileged session activity, and monitor password accounts to quickly detect and respond to malicious activity.
3. Extend IT security awareness training
With the increasing phishing attacks, companies need to seriously consider expanding their IT security awareness programs beyond simple online tests or acknowledgements of policies.
White hat hackers are greater believers in security awareness training than black hat hackers.IT security awareness training is important for even a start up.
4. Limit unknown applications
It’s important to know which applications are authorized to run on a network to ensure their passwords are protected.
“Application accounts need to be inventoried and undergo strict policy enforcement for password strength, account access, and password rotation. Centralized control and reporting is essential to protect critical information assets,” Thycotic wrote.
5. Protect user passwords with security best practices
Not only privileged accounts, end user accounts also remain an attack vector. 77% of survey reports don’t believe that any password is safe from hackers. However, if one is ready to secure end-user passwords, security policy for password should be strengthened which should be changed frequently. The passwords should be easy and secure so that employees don’t have to regularly call the help desk when they change their workstation and forget a password.
