Privileged Identities - Threat to Network and Data Security

Privileged accounts represent the biggest threat to enterprises. The number of cyber-attacks in which privileged accounts and insiders are involved directly or indirectly, has significantly increased in recent years. All-powerful access with the lack of accountability creates a risk which can certainly cause damage of immense proportions. Widespread use of virtual environments enhances the risk. The problem with lack of accountability due to use of shared accounts and passwords, little separation of duties and principle of “least privilege” not being followed is a massive occurrence in the use of virtual environments. Privileged identities are classified into groups of malicious insiders. They are involved in IP theft, espionage, fraud and IT sabotage. Along with the argumentative idea of the technical approach towards the solution of the problem, other mentioned issues will be processed, because Insider threat is a people-centric issue. People are complex beings, hence the approach to a solution must be versatile. Attention will be given to the positive practices of Identity based security, host based security, end-to-end security and compliance for cloud and virtual environments. Likewise, we will observe the negative practices and possible approaches to the problem of organizational factors contributing to insider attacks, with the aim to introduce environment where being an insider is not easy.