Hackers are coming for your privileged accounts: What you can do to stop them

Not all accounts are created equal. Those that have special privileges and access are a prime target for hackers, and companies know it. But what can they do to protect these super users?

A recent survey by Thycotic, a privileged account management (PAM) and security firm, found that most companies know they need to take extra steps to protect these high-value targets. The State of PAM Security report showed three-quarters (77%) of respondents said controlling privileged users and their credentials was a security priority for the company.

For some, this level of control wasn’t even an optional choice. Sixty percent of survey respondents said controlling these accounts was a compliance requirement for the organization.

Challenges in protecting accounts

That said, it wasn’t always easy for respondents to secure these accounts. Sixteen percent of respondents disagreed or strongly disagreed that their organizations had strong password policies that were understood and enforced by senior staff members.

And two-thirds of organizations manually managed privileged account credentials. That opens the process up to lapses and risks that could be targeted by hackers.

Other shortcomings that put accounts at risk:

What to do

It may not seem very democratic to have different requirements for different employees. But those who deal with the most sensitive information or the most valuable resources need to have added security layers to stay safe.

Investing in a security solution may be one option. But other best practices include:

  • requiring additional or more frequent password changes for privileged users
  • adding requirements for these accounts, such as longer or more complex passwords, and
  • using two-factor authentication whenever possible.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy