This week, I’d like to focus on identity management and privileged access controls, an often-overlooked aspect of cybersecurity.
To see why this matters, let’s look at how hackers operate. Often, an attacker will phish a single employee’s credentials or establish new credentials once they infiltrate a network. ZDNet reported that approximately 269 billion emails are sent daily worldwide, and approximately 2,000 of those are emails intended to phish personal information.
And, once they’re in, they maneuver to escalate privileges, essentially granting whoever they’ve compromised the ability to act as an administrator within your network. The Zero-Day attack by Chinese hackers is a perfect example of how quickly one infiltration can spread. A single breach can allow skilled hackers to get total remote control over many systems.
The good news is that identity management solutions and privileged access management are two ways to combat these types of risks.
Identity Management and Privileged Access
Identity management is the practice of giving only the right people access to the right systems, applications, and databases needed to perform their jobs. There are a number of things that go into this, but here are three key items to keep in mind:
1. Multi-Factor Authentication
You need to have a mechanism to confirm your employees are who they say they are. One of the best tools to employ is some form of multi-factor authentication.
2. Roles and Access
Who needs to have access to what system, application, or database? You need to define the roles within your organization and ensure that only authorized individuals have that access.
For example, a sales associate, accounting intern, or front desk receptionist should not have access to networks as if they were inside the IT department.
However, it’s also well understood that certain groups within a company need access to everything. Think of your IT department or certain engineering functions within a technology company. It’s OK that certain groups maintain full privileges within the network, but the key element to remember is to be thoughtful about who maintains access and err on the side of being restrictive. It’s one of the best ways to mitigate damage if a hacker finds their way into your network.
3. Profile Management
Actively manage the lists and profiles of employees to ensure the integrity of access controls. Employees may switch departments internally or leave the company altogether, and when that happens, there should be a process in place to prevent ongoing access when it’s no longer needed.
Case in point: A former employee at Allen & Hoshall left to set up his own business but continued to access files and email for two years, helping himself to approximately $425,000 worth of documents and designs. He was busted by a client who recognized the pitch he presented as eerily similar to the Allen & Hoshall bid, and he was sentenced to 18 months in jail.
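As an added illustration (not part of the original post and not any vendor's tool), here is a small Python access review that checks the three items above together: leavers whose accounts are still enabled, access beyond what a role allows, and privileged access without multi-factor authentication. Every role, employee ID, account, and date in it is constructed sample data, and the field names are assumptions.

```python
from datetime import date

# Constructed sample data (not from the article): entitlements each role may hold.
ROLE_ENTITLEMENTS = {
    "sales": {"crm"},
    "accounting": {"ledger"},
    "it_admin": {"crm", "ledger", "domain_admin"},
}
PRIVILEGED = {"domain_admin"}
REVIEW_DATE = date(2021, 3, 1)  # constructed review date
# Constructed HR roster: employee id -> current role, termination date (None = active).
HR = {
    "e100": {"role": "sales", "terminated": None},
    "e101": {"role": "accounting", "terminated": None},  # moved over from IT
    "e102": {"role": "it_admin", "terminated": None},
    "e103": {"role": "sales", "terminated": date(2021, 1, 15)},
}
ACCOUNTS = [
    {"user": "e100", "enabled": True, "mfa": True, "entitlements": {"crm"}},
    {"user": "e101", "enabled": True, "mfa": True, "entitlements": {"ledger", "domain_admin"}},
    {"user": "e102", "enabled": True, "mfa": False, "entitlements": {"crm", "domain_admin"}},
    {"user": "e103", "enabled": True, "mfa": True, "entitlements": {"crm"}},
    {"user": "svc-old", "enabled": True, "mfa": False, "entitlements": {"ledger"}},
]


def review_access(hr, accounts, role_entitlements, privileged, today):
    """Return sorted (user, finding) pairs for enabled accounts that break the rules."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # a disabled account cannot be used to log in
        person = hr.get(acct["user"])
        if person is None:
            findings.append((acct["user"], "no HR owner"))
            continue
        if person["terminated"] and person["terminated"] <= today:
            findings.append((acct["user"], "leaver still enabled"))
            continue
        allowed = role_entitlements.get(person["role"], set())
        for extra in sorted(acct["entitlements"] - allowed):
            findings.append((acct["user"], f"excess entitlement: {extra}"))
        if acct["entitlements"] & privileged and not acct["mfa"]:
            findings.append((acct["user"], "privileged without MFA"))
    return sorted(findings)


if __name__ == "__main__":
    print(*review_access(HR, ACCOUNTS, ROLE_ENTITLEMENTS, PRIVILEGED, REVIEW_DATE), sep="\n")
```

Run on a schedule against real HR and directory exports, a check like this surfaces the former-employee case above within days rather than two years.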
Final Thoughts
When it comes to these types of protocols and your cyber insurance, remember that underwriters look for certain policies and protocols. Identity management and privileged access controls are an increasingly important component of the cyber insurance underwriting process.
In fact, we see underwriters asking more questions about these types of solutions, trying to ensure that a company has good guardrails around employee access to systems, applications, and data.