Q&A: Insider Threat
by HNS Staff - Monday, 14 July 2008.
Orphaned privileged accounts and orphaned access are trickier problems to solve. These issues generally revolve around people that are granted systems maintenance responsibilities at some point during their tenure with a company. Orphaned privileged accounts are highly-privileged accounts like a root shadow account that an administrator may create on a system simply to make various tasks a little easier. The main problem with these accounts is that they are created outside of the normal process, so if that person leaves or moves to a different role where that access is no longer required, there is no record of this account being created and it most likely will not be removed. Often, these accounts are given names that make them harder to detect. This also makes them harder to identify when the appropriate time comes to remove them.

Orphaned access is the relative of orphaned privileged accounts. This refers to access to common privileged accounts such as root, Oracle sys and Cisco enable in organizations that still share the passwords for these accounts. Unless a company is diligent in rotating all the passwords to privileged accounts every time an IT staffer leaves or when their role in the organization changes, a company is very susceptible to misuse of this privileged access. In our survey that I cited earlier, 62 of respondents stated they were still sharing privileged among their IT staff. This is a disaster waiting to happen.


The price of the Internet of Things will be a vague dread of a malicious world

Regulatory practices assume untrustworthy humans living in a reliable universe. People will be tempted to lie if they think the benefits outweigh the risks, but objects won't.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Oct 8th