While prevention may be impossible, given the sheer number of possible attack surfaces open to potential hackers, we must at least attempt to decrease the risk, and reduce the chance of an initial attack being successful.
Mind the gap
The first step is usually a security assurance audit. MTI has a large number of accredited consultants focussed on security audits, penetration testing (internal and external), and web testing, as well as best practice processes, and compliance. This work will highlight any obvious gaps in your organisation’s security, as well as identifying any immediate remedial actions needed.
Outside of the basics, such as firewalling and intrusion prevention solutions, there are also some common areas preferred by cyber criminals that need to be ‘hardened’. The first of these that we address is the management and security of privileged accounts.
The keys to the kingdom
Privileged accounts are accounts that hold elevated permission to access files, install and run programs, and change configuration settings. So, they are high on a hackers list of targets, as they’re literally the keys to open any door within the IT infrastructure.
Given that privileged accounts are responsible for between 80-100% of all breaches, this investment offers tangible results showing the reduced risk of account misuse or highjacks.
MTI can conduct a free audit of your organisation’s privileged accounts. We will then present you with a report to show:
- How many privileged accounts exist within your organisation
- How long it has been since the last password change on each of these accounts
- Whether password changes are being enforced
We also look at how techniques such as ‘Pass the hash’, and SSH Keys might be utilised to compromise your IT estate, as well as considering the possible path of such attacks.
Why privileged accounts are a hacker’s best friend
In the hands of an external attacker, or malicious insider, privileged accounts allow hackers to take full control of an organisation’s IT infrastructure. Join our webinar to find out more