As most of today’s corporate desk employees work in remote or hybrid environments, organizations now have more “privileged” users – someone who is authorized to perform security-relevant functions that ordinary users are not authorized to perform – than ever, allowing teammembers such as engineers, IT personnel and DevSecOps staff to access sensitive resources and to work with elevated permissions over a remote connection. Because of this, remote desktop protocol (RDP) plays a larger role in organizations as network administrators must diagnose remotely any IT problems that workers encounter. The employer also must allow these administrators remote access to other employees’ and their own physical work desktop computers. Unfortunately, while it’s a necessity in a remote environment, RDP also creates vulnerabilities. RDP is a tool used largely to connect to Windows systems remotely across a domain. Outside its use as a legitimate access utility, it’s also used by attackers to use compromised credentials to access other systems. This is what is referred to as “lateral movement.” An attacker will evaluate where compromised credentials exist and gain access through RDP to log into other systems as an administrator to extend their reach across the network. “Lateral movement is a technique used by attackers to propagate within an environment,” said Raj Dodhiawala, president and CEO of Remediant. “It enables them to extend their footprint within a network, which leads to further compromise and ultimately a full-scale breach.” Depending on their target, “this might mean data compromise, reputational damage, source code loss, among other outcomes,” he added. Dodhiawala has more than 30 years of experience in enterprise software and cybersecurity, primarily focused on bringing disruptive enterprise products to new markets. With an estimated 36.2 million U.S. employees expected to be working remotely by 2025, according to career expert company Zippia, the chances of attacks increase, and that in turn could result in even more privileged users. Dodhiawala acknowledged that when more privileged users have access to a company’s sensitive data and resources, the risk of an attacker compromising these privileges and reaching a company’s sensitive resources grows. According to a data breach intelligence report by Verizon, more than 80 percent of successful attacks used privileged credentials, yet many feel their admin access is protected by using legacy privileged access management (PAM) solutions. In fact, large investments are made in these solutions. But Dodhiawala warned that legacy PAM isn’t enough to address privileged identity sprawl and the large attack surface at organizations that bad actors exploit to Adding Power to PAM SECURITY By Bruce Christian Privileged identity sprawl puts organizations at risk 12 REMOTE WORK SOLUTIONS rwsmagazine.com
RkJQdWJsaXNoZXIy NTg4Njc=