Kamel Heus at ThycoticCentrify explains how it’s possible to meet the dual challenge of simplifying access and protecting against threats
Providing secure server access for authorised IT staff, whilst simultaneously protecting against malicious threats and hackers who want to steal your data, is the double-edged sword facing every organisation.
When it comes to secure server access, less really is more. The days of granting an IT administrator unfettered access are disappearing and now best practice demands that access for all users should be via a clean, reliable source. For optimum ongoing security, admins can record user activity, or at the very least, monitor users to detect any suspicious activity.
Security teams would be wise to move from unlimited access towards a least privilege approach based on identity and just enough, just-in-time access. Occasionally an administrator may require access via a local admin account, but this is rare. Access can be granted to admins using a unique account assigned to them with user-specific privileges.
The right privileged access tools Choosing the right privileged access tools can yield a host of benefits. A privileged access management system designed to empower ‘least privilege’ and ‘ease-of-use’ ends up ticking multiple boxes. As well as successfully protecting against data theft, it can also help your organisation meet compliance requirements, and mitigate against damage via an exploited privileged account.
Another spin-off benefit is that by reducing the complexity normally associated with managing privileged accounts, you can improve efficiencies and thus gain better productivity.