Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

You’re reading the handwriting on the wall. Your company expanded its cloud infrastructure over the last few years, adding more and more Software-as-a-Service (SaaS) applications to its stack in response to remote work. Like 86% of other companies, you expect that this will continue at the same or an accelerated pace. In response to these IT changes, new laws and industry standards expect you to move toward a zero trust architecture.

Privileged account management is the process of identifying, controlling and monitoring privileged accounts and their associated activity. Privileged accounts are typically high-level administrator accounts that have broad access rights across an organisation’s IT systems. Because of their elevated level of access, these accounts pose a significant risk if they were to fall into the wrong hands.

The Center for Internet Security (CIS) publishes Critical Security Controls that help organization improve cybersecurity. In version 8, Control 6 addresses access control management (in previous versions, this topic was covered by a combination of Control 4 and Control 14).

Managing access rights of privileged users is one of the cornerstones of data security. That’s why the privileged access management (PAM) market is booming with tools and practices. But this variety of PAM options makes it challenging to figure out which practices and controls your organization can benefit from.

The Windows ‘Administrator’ account is a highly privileged account that is created during a Windows installation by default. If this account is not properly secured, attackers may leverage it to conduct privilege escalation and lateral movement. When this account is used for administrative purposes, it can be difficult to distinguish between legitimate and malicious activity.

This blog is Part IV in a series about identity-based access management of AWS resources. In Part I, we covered how to use OSS Teleport to access Amazon EC2 instances running in private subnets. Part II explained implementing identity-based access via SSO integration with Okta. Part III covered the steps to configure privilege escalation for just-in-time access requests. In Part IV, we will guide you through the steps to configure SSH session recording and auditing.

The four-eyes principle means an activity must be approved by two people, or from Argus Panoptes if the ancient Greeks needed access controls. This principle is commonly used in both routine and non-routine scenarios. On the routine side are “Business Execution” processes. Here the Four Eyes principle is used to stop negative outcomes as the result of poor execution of a regular business task.

As more and more businesses move towards cloud-based operations and embrace digital transformation, security is increasingly becoming an important question. As an enterprise migrates to the cloud, its assets and data resources need to be migrated as well, and that might expose the sensitive information.

We’re happy to announce the latest version of PAM360 now supports self-service privilege elevation with application whitelisting capabilities. Before exploring the feature in-depth, let’s start with the fundamentals.