-optimized.jpg){kind=avatar}
Rich Turner, SVP EMEA at the cyber firm CyberArk, considers what nightclubs can teach you about protecting your organisation, digitally speaking.
Over the last 18 months, it has become clear that we are very much living in the age of the mass-impact cyberattack. Ransomware, in particular, is on the rise. Coupled with the fact that many organisations are continuing to rapidly transform their business by investing in new cloud technologies and adopting new forms of communication and delivering services to customers in innovative ways, this means protecting against cybersecurity risk has taken on a greater sense of urgency.
This is especially true for identity-related risk. Cybercriminals are increasingly adept at stealing credentials โ whether IT admins, business users, or even machines โ to access sensitive areas of the business, and organisations need to keep up with the tempo of attacker innovation.
Our new ways of working have made protecting all identities, and their high levels of privileged access and related credentials, more important than ever. But how can we represent this risk in a way that businesses can best understand? Weโre going to use nightclubbing as a proxy as we show you how to protect whatโs most valuable to your organisation.
Getting past the door
Getting into a nightclub is all about showing that youโre going to be an acceptable part of the environment. A wannabee partygoer might struggle to get past nightclub door staff for any number of reasons, including wearing the โwrongโ clothing, exhibiting bad behaviour in the queue, or lacking sufficient/valid credentials. Sometimes underage revellers will bring a fake ID, duping bouncers into allowing them entry.
Think of technologies like privileged access management (PAM) as the ultimate โgate keeperโ for who gets access to what, where and for how long. For example, there are minimum requirements for users to gain initial access; often a username/password at the most basic level. These first-level credentials are not particularly secure and can be bypassed, much like some revellers who successfully bypass doormen with fake IDs. This fallibility makes further authentication a must to properly defend the organisationโs key information and resources.
Access all areas
A night out at a club wouldnโt go so well without bar staff. These employees need access to staff-only areas such as the area behind the bar, the staff room and storage areas to pour drinks, mix signature cocktails, replenish bottles, and review stock lists. Some of these areas will require some form of access key to enter. Only trusted staff should be provided access to these areas to prevent any pilfering.
Certain areas of IT infrastructures operate on a similar model, with these access keys allowing system admins to make changes to system or applications, add or remove users, or delete data. Sometimes these โsuper usersโ will be domain admins; people that have extensive access rights across the network. These are super critical to secure. Unsurprisingly, gaining access to the credentials of these users represents the highlight of a cybercriminalโs night outโฆand itโs game over for the organisation if this happens.
Whether it is from legitimate employees posing a threat or an external threat actor, PAM helps manage and secure network access and, using the principle of least privilege, only grants admin-level access to those who need to use it to perform their role.
Are you really a VIP?
Nightclubs often have VIP areas that clubbers access either by paying extra to enter, or having sufficient (โcelebrityโ) status as an individual. Extra security staff often guard VIP areas to retain their prestige and prevent the less-exalted amongst us from entering. Essentially, only those with legitimate access are welcome.
โVIP areasโ for organisations equate to those resources that are typically extremely limited in terms of who is allowed access to them. Your โnormalโ user will not be allowed to interface with a companyโs sensitive IP, HR information, or non-public financial results. Only those users with escalated privileges โ VIPs, in other words โ should have access to them, and even then this should be tightly controlled. Attackers routinely seek to escalate privileges in order to access critical assets and data.
Who staysโฆwho gets kicked out?
Things donโt always go as planned during a night out. People try to get to where they shouldnโt, crashing other peoplesโ reserved tables, or trying to blag their way into the VIP lounge. The staff may ask some partygoers to leave the club because of their undesirable behaviour. They may even be barred from ever returning to the club.
Compare this to a third-party contract ending, a consultantโs project finishing, or simply those who try and access a part of the network or an asset that they shouldnโt have access to. Once this happens, their privileged access becomes a potential security risk. Retaining it is undesirable and unnecessary; it should be de-provisioned immediately to shut off any chance of an attacker exploiting unused credentials or access. In the case of someone trying to get to where they shouldnโt be, thatโs something that needs shutting down immediately.
Surveying the scene
So how do organisations know where privileged access exists, and in turn, secure it?
In a nightclub, the manager and their team are tasked with observing everything thatโs going on. Security cameras and staff scan the dancefloor and restricted areas, watching for incidents and ensuring that all is running seamlessly. In business, this is the IT security team. PAM allows full visibility of access to critical data and assets, and can monitor, grant and revoke that access when needed. Adopting appropriate cybersecurity measures to secure credential-based access is essential for organisations wanting to protect their business from disruption or loss.
It used to be easy to take a night out for granted. You donโt necessarily consider the sheer number of resources that it takes to help make this a reality, from the bouncers that keep the obvious trouble out, the bar staff and DJs to keep you fed, watered and entertained, and the club staff that ensure that if youโre on that table or in that VIP room, itโs because youโve paid to do so. Whoโs going to kick out the people having a fight on the dancefloor? You? Probably not. And thatโs not even considering the behind-the-scenes efforts to keep you safe, secure and entertained.
So, as the number one control for managing, monitoring and protecting identities across your organisation, consider what PAM could do for you. Now get back onto that dance floor!
