CYBER ATTACKS & ACCOUNT MANAGEMENT

 

The compromise of privileged accounts was a crucial factor in 100% of advanced cyber-attacks and the absence of basic account management was a crucial factor in all of the recent high profile cyber-attacks (CyberArk, n.d.). This is why user account management (UAM) plays a crucial role to an organizations cyber security footprint. UAM is critical to protecting the health and privacy of a network. Without a proper UAM implementation or using UAM software, the organizations information systems can quickly become compromised by users that gain access to sensitive data of cyber criminals who take advantage of this poor UAM (DNSstuff, 2023). User account management is especially difficult in medium to large businesses because the number of accounts to manage is starting to become difficult to manage manually without any type of UAM software.

A few areas where account management can be improved throughout a business is account lifecycle management, multi-factor authentication (MFA), onboarding and off boarding process automation, the principle of least privilege, eliminating risk, and focusing on education (DNSstuff, 2023). Lifecycle management adopts unique identities for all employees across the organization. This type of account management requires constant monitoring of systems to withdraw resources and services when an employee leaves the organization (DNSstuff, 2023). MFA provides an extra layer of security for devices and applications, it asks for two factors when accessing a device. MFA can also include biometrics or facial recognition. Automating the user creation and deletion process when an employee joins or leaves the company removes the human error from the process (DNSstuff, 2023).

The principle of least privilege states that the employee will have only the privileges that are essential to perform their work, and nothing more (DNSstuff, 2023). Employing the principle of least privilege helps keep employees from either purposefully or unknowingly misusing sensitive data. When the cloud was first introduced, many companies were hesitant to adopting the offsite technology because they thought their data would be less protected in the hands of another company. This is simply not true, often cloud-based providers offer more sophisticated security controls than on-site data services (DNSstuff, 2023). Finally, many cyber-attacks are due to human error, which makes user education and training one of the most effective ways to protect against cyber-attacks. For this reason, it is crucial that employees understand security policies and procedures (DNSstuff, 2023).

 

 

References

Best practices and software for organization-wide user account management. DNSstuff. (2023, April 6). https://www.dnsstuff.com/best-practices-for-user-account-management-in-company

New report connects privileged account exploitation to advanced cyber-attacks. CyberArk. (n.d.). https://www.cyberark.com/press/new-report-connects-privileged-account-exploitation-advanced-cyber-attacks/

Poremba, S. (2023, January 5). The Cybersecurity Talent Shortage: The Outlook for 2023. Cybersecurity Dive. https://www.cybersecuritydive.com/news/cybersecurity-talent-gap-worker-shortage/639724/