David McNeely, chief strategy officer at Centrify, said government agencies looking to secure cloud-based information technology systems from adversaries amid rapid shift to telework arrangement should implement privileged access management.
McNeely discussed how adversaries trick IT professionals of an agency to compromise credentials and gain access to networks using malware.
“Many agencies are moving to privileged access management products as the main method of controlling IT-level access to their systems because those tools are specifically designed to protect against that type of threat,” he wrote. “Privileged access management focuses on securing and managing IT professionals’ access to the inner workings of an agency’s IT resources.”
McNeely said agencies that are implementing security controls like personal identity verification cards in managing on-premises IT systems should enforce those same controls in cloud-based infrastructure and provide IT teams access to specific systems they need to perform their functions.
“Agencies must deploy strong authentication and privileged access management to ensure that only authorized users have access to the systems that power their missions, whether those systems are on-premises or in the cloud.”