Here is Tip #15 for National Cybersecurity Awareness Month: Protect privileged accounts.
Privileged accounts are a prime target of cybercriminals because they give an attacker widespread access to your data and systems.
Privileged accounts are what used to be commonly called “superuser” accounts: the ones that have the highest level of access to a system, such as servers and local endpoints. The account holders are typically the people who configure, manage and support a system, which means these accounts are often unrestricted or only lightly restricted.
Estimates vary from 50% up to 80%, but most cyber experts agree that the majority of breaches stem from misuse of privileged accounts.
Steps you can take
- Identify and start to track privileged accounts. Make sure you look at your leadership team in addition to your IT team.
- Identify accounts that don’t need that higher level of access and start to downgrade them. The more accounts you have, the greater the chances a hacker can get in.
- Never use a shared administrator account. This takes away from individual accountability and limits your ability to attribute any errors or breaches to the responsible party. Wherever possible, create individual accounts for your administrators and power users.
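As a starting point for the steps above, here is an added example (not part of the original tip) that builds a privileged-account inventory from Unix-style `passwd` and `group` data and compares it with an ownership register. The sample accounts, the `ADMIN_GROUPS` set and the `REGISTER` mapping are constructed assumptions; replace them with your own exports.

```python
# Added example: all sample data below is constructed, not from a real system.
ADMIN_GROUPS = {"root", "sudo", "wheel"}  # assumption: adjust to your platform

PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice Admin:/home/alice:/bin/bash
bob:x:1002:1002:Bob Teller:/home/bob:/bin/bash
ceo:x:1003:27:Chief Executive:/home/ceo:/bin/bash
itadmin:x:1004:1004:IT shared login:/home/itadmin:/bin/bash
backup:x:0:1005:Backup job:/var/backup:/bin/sh
"""
GROUP = """\
root:x:0:
sudo:x:27:alice,itadmin
staff:x:50:bob
"""
# Hypothetical register: privileged account -> the one person accountable for it.
REGISTER = {"root": None, "alice": "Alice A.", "itadmin": None}


def privileged_accounts(passwd_text, group_text, admin_groups=ADMIN_GROUPS):
    """Return {account: [reasons]} for every account with elevated access."""
    admin_gids, found = {}, {}
    for line in group_text.splitlines():
        name, _, gid, members = line.split(":")
        if name in admin_groups:
            admin_gids[gid] = name
            for user in filter(None, members.split(",")):
                found.setdefault(user, []).append(f"member of {name}")
    for line in passwd_text.splitlines():
        user, _, uid, gid = line.split(":")[:4]
        if uid == "0":  # any UID 0 account is a superuser, whatever its name
            found.setdefault(user, []).append("UID 0")
        if gid in admin_gids:  # primary group is not listed in the group file
            found.setdefault(user, []).append(f"primary group {admin_gids[gid]}")
    return found


def review(found, register):
    """Split the inventory into the follow-ups the steps above call for."""
    untracked = sorted(u for u in found if u not in register)
    no_owner = sorted(u for u in found if u in register and not register[u])
    return {"untracked": untracked, "no_individual_owner": no_owner}


if __name__ == "__main__":
    inventory = privileged_accounts(PASSWD, GROUP)
    for user, reasons in sorted(inventory.items()):
        print(f"{user}: {', '.join(reasons)}")
    print(review(inventory, REGISTER))
```

Accounts reported as untracked are candidates to downgrade or to add to the register; accounts with no individual owner are the shared logins to replace with per-person accounts.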
You can also download a free guide on Privileged Account Management for the Financial Services Sector that was created by the U.S. National Institute of Standards and Technology in collaboration with experts from the financial services sector and technology vendors.