Kevin Jermyn, regional manager of federal customer success at CyberArk (Nasdaq: CYBR), has said government agencies seeking to protect sensitive data from cyber attacks should come up with a program to control, monitor and oversee privileged access to critical assets.
“One key component is the ability to restrict a hacker’s access as soon as an attack is detected without negatively affecting legitimate users’ abilities to meet their goals or missions,†Jermyn wrote.
He suggested four steps agencies can implement to address risks related to external attackers and insider threats and the first is reducing the attack surface by minimizing user privileges.
The three other steps are centralizing access to critical infrastructure using a secure repository to store privileged credentials; controlling role-based access and segregating administrative duties to restrict the power of an account; and analyzing and monitoring privileged user’s behavior and activities. Jermyn also offered an advice for agencies to ensure privileged access security as they move to the cloud.
“As agencies migrate to the cloud, it’s important to avoid creating technical debt by adopting the easiest option now with the intention of reworking it later to meet specific needs,†he said. “The better approach is to define a centralized structure from the beginning that incorporates best practices for managing privileged access.”
