Access Control for Data Center Admins: CASB, SSO, or PAM?

Researchers agree that most enterprise security breaches involve stolen or weak passwords. Here are the main technological approaches to addressing this problem.

Maria Korolov

October 4, 2018

1 Min Read
Network cables
In this photo illustration, network cables are plugged in a server room on November 10, 2014 in New York City. U.S. President Barack Obama called on the Federal Communications Commission to implement a strict policy of net neutrality and to oppose content providers in restricting bandwith to customersMichael Bocchieri/Getty Images

Controlling access is essential to cybersecurity, especially access to privileged accounts like those of data center and cloud administrators.

According to the latest Verizon Data Breach Investigation Report, 81 percent of hacking-related breaches involved either stolen or weak passwords, and 14 percent involved privilege misuse.

Other researchers back that up -- Forrester, for example, estimates that 80 percent of security breaches involved privileged credentials.

"Privileged credentials provide greater scope for stealing data en masse than individual accounts do," Forrester analyst Andras Cser writes in a report. "With privileged credentials, attackers can dump the entire database, bypass network traffic limitation, delete logs to hide their activity, and exfiltrate data easier."

At the very minimum, enterprises should try to implement a least-privilege policy, where employees only have access to the particular systems that they need, and roll out multi-factor authentication.

That might be enough for most employees, but system administrators, who hold the keys to the kingdom, need extra protection for their credentials.

To read the rest of this article, please register below:

About the Author

Maria Korolov

Maria Korolov is an award-winning technology journalist who covers cybersecurity, AI, and extended reality. She also writes science fiction.

https://www.mariakorolov.com/

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like