Privileged User Management for Financial Services Companies

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

Wealth management companies, broker-dealers, registered investment advisers and other organizations in the financial services industry are at high risk for cyber-attacks. Even small firms that would have been overlooked 10 years ago are now the target of cybercriminals, foreign-sponsored attackers, and “hacktivists” seeking entry points to do as much damage as possible. This makes privileged user management for financial services organizations a necessary investment.

One of the primary ways these attacks occur is by precisely identifying and targeting privileged users. For example, a company partner may be the target of a cyber-attack and not even know it. When the partner’s account becomes compromised without his or her knowledge, additional (and more damaging) attacks are launched. This can cause millions of dollars in damage – or even put a financial services firm out of business.

As cyber-attacks become more sophisticated, cybersecurity solutions providers have developed new ways to identify and prevent attacks.

Protect your organization. Get the comprehensive cybersecurity guide every executive should own. Download the Cybersecurity Resource Kit today!

What is Privileged User Management?

Privileged users are those who have access to critical systems, data, or system commands. Accounts with UNIX root access, Windows Admins, network devices, security products, generic IDs, and test scripts can all be examples of privileged accounts.

In many systems, administrative accounts and passwords are used by more than one person. This sharing can be controlled or uncontrolled, and it could exist in a persistent or temporary state. The more people share an account, even out of convenience, the greater the risk of a breach.

Many organizations are surprised to find out just how often privileged user accounts are shared. When your organization works with contractors, or if an assistant helps with email while an employee is on vacation, privileged accounts are often shared.

Administrative privileges can be abused in multiple ways:

  • Insider abuse: Whether for personal gain, to hurt the company, or some other motivation, insiders with privileged user accounts can damage corporate systems. If an organization uses cloud services, this means they face dangers from both within the organization and from their cloud provider.
  • External attacks: Privileged user accounts are a key target for external attackers. They are often the goal of sophisticated cyber-attacks, such as advanced persistent threat (APT) attacks that use social engineering to gain administrative credentials. Once a privileged user account is stolen, it can be used to launch other, more devastating attacks.

Deploying Better Privileged User Management

If privileged user accounts are properly managed, the risk for successful cyber-attacks greatly decreases. Here are some of the ways cybersecurity professionals can assist financial services organizations in improving privileged user management:

  • Fine-grained access controls: Exercising more control over very granular, least-privileged user access management policies helps make specific accounts less valuable to cybercriminals. It also protects users from accidentally causing unintended damage. Deploying granular policies gives administrators control over information access according to diverse criteria: user, process, time of day, file type, and other parameters. Restricting access to file system commands and clear text (unencrypted) data are also possible.
  • User activity reporting: Proper activity reporting delivers a deep look into what’s happening on organization servers and desktops.
  • Shared account management: Though shared accounts are inevitable, they can be managed better. Shared account management lets admins control account access, password complexity, and secure auditing.
  • Separating administrative duties: By dividing administrative duties among several users and accounts, organizations ensure there is not one single administrator account with complete control over encryption keys, administration, or data security activities. Two factor authentication can also be implemented.
  • Secure key management: This includes improved key generation, import, expiration, rotation, destruction, and export.
  • Security intelligence: Detailed management logs can specify how users and processes interacted with protected data. Business intelligence can track when data was processed, if access requests were allowed or denied, and which policies users applied. This kind of reporting helps system administrators immediately identify suspicious behavior. For example, if a privileged user suddenly accesses much more data than usual, the account may be compromised.
Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
2220 Followers
About CAMI

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel