Super Power Password Protection - Watching You Watching Me
by Calum Macleod - European Director of Cyber-Ark Software - Thursday, 26 October 2006.
Now you may be reading this and saying “this is just a re-hash of commonly known hacking risks”, and you would be right. But in this case the risk is not the outsider but the insider who is trusted and whose job it is to actually look after your workstation and administer the network. And whether this is being done from your office or from somewhere on the other side of the world by some invisible outsourced employee, the unsuspecting Financial Officer, Auditor, Payroll clerk, etc., are oblivious to what is happening.

So what steps should you be taking? Well very simply – every single shared identity from the workstation to the database must be protected and changed on a regular basis. Access to a shared account must be logged so that the individual who requires a particular password should be required to provide a reason, and this request should be authorized – dual control.

Each and every administrative/shared/privileged password should be unique. The practice of accepting the same administrative password on every workstation should be discontinued, since having access to the clerk’s password means access to the CEOs machine.

Administrative passwords must be changed on a regular basis, including workstations. This process can be completely automated, which adds the benefit that specific individuals are not aware of passwords until such time as they need them.

Audit logging of every access or request for a password is essential, and this must be done in a manner that it provides non-repudiation for external auditors. In other words can you prove that you are doing this and policies are being adhered to? Can you identify the individual who last had access to any system or application?

Is this paranoia? No – paranoia is wondering everyday if someone is looking over your shoulder. This is simply common sense advice to any enterprise that values its confidentiality, and is not in the business of unnecessary risk. If you value your business, then you should not be wondering if your assets are protected.

The figures showing a decrease of 83% in burglaries in Cleveland, identified that the decrease was a direct result of people taking the advice of the police about proper security measures. In the IT world 70%-80% of IT theft (hacking) occurs from within. It’s time to you took proper security measures. Peace of mind doesn’t have to cost very much, and its certainly a great feeling.


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th