Lateral movement, the process by which cyber criminals spread from an entry point to the rest of the network, is generally a strong early indicator of ransomware attacks. Privileged accounts are usually their primary targets, allowing them to gain elevated administrative access and quickly move laterally through the network searching for sensitive data and other high-value assets. Our latest cybersecurity Pulse study has shown that ninety-one percent (91%) of enterprise clients take this threat very seriously. However, the study also revealed that one of every two enterprise clients still relies on too many manual processes for managing privileged access, leading to low operational efficiency and significant risk exposure.
- The more a privileged account is exposed, the higher the risk of a successful attack. Fifty-eight percent (58%) of enterprise clients reported that the ongoing discovery of privileged accounts is mainly performed using manual mechanisms, impacting their ability to detect unmitigated access risks in a timely manner. One undiscovered—and consequently uncontrolled—privileged account is one too many.
- Manual onboarding activities are prone to human errors due to the complexity and, in many cases, misinterpretation of security requirements. Fifty percent (50%) of enterprise clients still rely on manual activities to onboard privileged accounts. The lack of automated onboarding mechanisms generally leads to inadequate, inconsistent, or incomplete security measures, leaving many privileged accounts susceptible to being breached.
- Uncontrolled legacy privileges must be revoked on time to prevent backdoor access. Fifty-five percent (55%) of enterprise clients highlighted that offboarding legacy access remains a manual process that takes a significant time to complete. More importantly, legacy access is not always immediately and automatically revoked post onboarding activities, leaving a backlog of unprocessed access removal requests that many times remain open indefinitely.
- The lifecycle of privileged accounts must be run like a real-time military operation, with no room for processing errors or omissions. Fifty-one percent (51%) of enterprise clients highlighted that they still rely on a wide range of manual processes to execute their ongoing privileged access management processes (joiner/mover/leaver/user access review), preventing them from adequately mitigating access risks in an almost real-time basis.
The Bottom Line: Technology leaders must be on guard as end-to-end management of privileged access is too critical to be left to manual processing, which is prone to errors, delays, and sub-optimal decisions
Securing privileged accounts used by human and non-human identities is without any doubt a challenging job, especially when we add the complexity of multi and hybrid cloud environments. Well-designed privileged access processes are unfortunately not enough to keep pace with the constant and soaring number of privileged accounts, and only high levels of automation can guarantee the completeness, accuracy, and timeliness of day-to-day operational activities.