Scott Walker, Senior Solutions Engineer at BeyondTrust, looks back on the cybersecurity follies we lived through last year, and how this can prepare us in the year ahead.
As we continue our way through a new year, it’s a great benefit to reflect on the breaches that shook the cybersecurity world in 2018, and what lessons there are to be learned for the future.
More than 3.4 terabytes of data and 70 million documents from FIFA were leaked, 90 million Facebook user accounts were exposed, and it was a tough summer for BA after it suffered breach after breach, one affecting 380,000 transactions, with confidential personal and financial information being stolen.
The list is extensive, and is a clear testament to the risk that cybercriminals can pose, as well as malicious insiders who have the capabilities to be a liability to confidential data, regulatory compliance status and reputation.
The past year has really shown that the days when we could run antivirus software, put up a firewall, apply patches and consider the job done with regard to cybersecurity are gone. So here are five steps to put the best preventative measures in place against a cyber-attack and tighten up control over critical systems in a modern business.
The ex-employee threat
Not all relationships work out, and the same goes for office employees. Terminating the contract of an IT administrator can have detrimental consequences, especially if they’ve left on bad terms. Immediately after an employee leaves, all logins to the systems must be revoked. It’s also important to pay attention to privileged account access that gives IT personnel free rein throughout the infrastructure, enabling them to install applications and change configuration settings.
Assess all access points
It can be a tricky business knowing exactly what to cut off access to. Privileged accounts reside on almost every system, line-of-business application, web service and hardware device. Furthermore, in larger organisations, there are likely to be thousands of these kinds of accounts, including ones you’re not even aware of. Even so, every single one of these accounts acts as a point of entry for hackers. What you need is a tool to discover them all.
Going beyond the 8-character login
There is probably a mandatory password policy in place to establish complexity, change frequency and so on. Unfortunately, preventing the kinds of breaches that will be coming from the most criminally organised of hackers won’t be helped by some extra characters and numbers. You need to document where the privileged accounts reside in your infrastructure. Then, you need to set up each account with its own unique and cryptographically complex password and continuously change these credentials.
The proof is in the pudding
How can you prove who is accessing your privileged accounts? By having thorough oversight on privileged access, you can discourage abuse of these accounts and provide a complete audit trail leading back to the precise cause if an issue does occur. You can do this with detailed reports showing which privileged credentials are used, when they are used and for what purpose. Those with access to these reports should be limited to IT management and executive staff only.
A Post-it away from a cyber-attack
You wouldn’t carelessly give away your most prized possession, so why your passwords? Keep your privileged account passwords available only to delegated, audited users on a need-to-know basis. And don’t stop there. Ensure they are time-limited, frequently changed and that there are no passwords lying about on sticky notes, shared spreadsheets or in an IT admin’s memory. This also means that no tricky social engineering exploits or even rogue IT employees can use a known privileged password to their advantage and expose your network to dangerous threats.
While many of these steps may seem overwhelming at first, with the correct cybersecurity solutions in place, they are much easier to manage. Unfortunately, no one can predict who hackers will target next. But by adopting vigilant cybersecurity measures, not only will you have peace of mind but it could also save you from a much bigger headache down the line.