Q&A: Insider Threat
by HNS Staff - Monday, 14 July 2008.
Orphaned privileged accounts and orphaned access are trickier problems to solve. These issues generally revolve around people that are granted systems maintenance responsibilities at some point during their tenure with a company. Orphaned privileged accounts are highly-privileged accounts like a root shadow account that an administrator may create on a system simply to make various tasks a little easier. The main problem with these accounts is that they are created outside of the normal process, so if that person leaves or moves to a different role where that access is no longer required, there is no record of this account being created and it most likely will not be removed. Often, these accounts are given names that make them harder to detect. This also makes them harder to identify when the appropriate time comes to remove them.

Orphaned access is the relative of orphaned privileged accounts. This refers to access to common privileged accounts such as root, Oracle sys and Cisco enable in organizations that still share the passwords for these accounts. Unless a company is diligent in rotating all the passwords to privileged accounts every time an IT staffer leaves or when their role in the organization changes, a company is very susceptible to misuse of this privileged access. In our survey that I cited earlier, 62 of respondents stated they were still sharing privileged among their IT staff. This is a disaster waiting to happen.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th