According to Verizon’s “2016 Data Breach Investigations Report
,” hackers used weak, stolen or default passwords to access networks in 63 percent of confirmed data breaches in 2015. Two years later, stolen credentials still were a top hacking tactic. It is imperative that IT professionals employ IAM solutions to defend their networks.
IAM solutions help ensure that workers have access to the parts of a network that they need to reference to do their jobs but restrict them from accessing files or programs that are not related to their jobs or areas of a network where they could accidentally cause harm, such as by installing a new program without permission or deleting files. These solutions also track a user’s actions on the network, so it is easier to determine who is responsible for what network activities.
Privileged access management solutions serve a similar role for IT specialist access. Privileged identities have the power to alter system configuration settings; view and change data; and run programs on operating systems, databases, network and backup appliances, and more, according to Lieberman Software
. However, although many companies employ IAM systems to manage regular user permissions and passwords, some IT teams choose to manage their privileged identity passwords manually with a spreadsheet or other low-tech solution, the company says. As a result, these passwords usually are not changed as often as they should be, which means that former employees can access these privileged accounts after they leave the company. In addition, some IT teams use the same password across multiple privileged accounts, which makes it easier for a hacker to gain access to the entire network. PAM solutions can help IT specialists defend the most critical access points into their companies’ networks.
, senior director of security product management at Bomgar, will share his experiences with using IAM as a cybersecurity defense tactic. In “Automated Cyber Defense: Leveraging Identity Management to Get to Acceptable Losses
,” which will take place Wednesday, Oct. 17 from 10:10 to 10:40 a.m., Elliott will show Cyber Security Atlanta 2018 attendees how to redesign and automate their IAM and PAM systems to help limit potential losses from cyberattacks.
Cyber Security Atlanta will take place Oct. 17-18 at the Georgia World Congress Center. Ticket info can be found here