According to Verizon’s “2016 Data Breach Investigations Report
,” hackers used weak, stolen or default passwords to access networks in 63 percent of confirmed data breaches in 2015. Two years later, stolen credentials still were a top hacking tactic. It is imperative that IT professionals employ IAM solutions to defend their networks.
IAM solutions help ensure that workers have access to the parts of a network that they need to reference to do their jobs but restrict them from accessing files or programs that are not related to their jobs or areas of a network where they could accidentally cause harm, such as by installing a new program without permission or deleting files. These solutions also track a user’s actions on the network, so it is easier to determine who is responsible for what network activities.
Privileged access management solutions serve a similar role for IT specialist access. Privileged identities have the power to alter system configuration settings; view and change data; and run programs on operating systems, databases, network and backup appliances, and more, according to Lieberman Software
. However, although many companies employ IAM systems to manage regular user permissions and passwords, some IT teams choose to manage their privileged identity passwords manually with a spreadsheet or other low-tech solution, the company says. As a result, these passwords usually are not changed as often as they should be, which means that former employees can access these privileged accounts after they leave the company. In addition, some IT teams use the same password across multiple privileged accounts, which makes it easier for a hacker to gain access to the entire network. PAM solutions can help IT specialists defend the most critical access points into their companies’ networks.
Morey J. Haber
, chief technology officer at Beyond Trust, will share with Cyber Security Dallas 2018 attendees his company’s strategies for using IAM and PAM solutions for cyber defense. In “How to Build Effective Defensive Strategies against Privileged Attacks
,” which will take place on Wednesday, Oct. 31 from 9:30 to 10:00 a.m., Haber will show attendees how privileges, passwords and vulnerabilities are being leveraged as attack vectors and how IT specialists can take measurable steps to defend against the attacks.
Cyber Security Dallas will take place Oct. 31-Nov. 1 at the Gaylord Texan Resort & Convention Center in Grapevine, Texas. Ticket info can be found here