Rehbock joins Magix

August 2010 News & Events

There are many reasons for ignoring the management of privileged identities in business today including the failure to change default and initial login credentials for new hardware and software, to overlapping functions and responsibilities as a result of cost cutting. And then there’s the infamous failure to update someone’s access when they change jobs or to remove it completely when they leave. Arguably, the most unforgivable privileged identity sin is allowing weak access controls that are easily broken by social engineering.

Uncontrolled privileged access can pose serious risks of unwanted data access and loss, as well as disruptions in services. There is, however, a proven four-step process to ensuring the organisation’s privileged identities remain secure and well managed.

1. Identify: Identify and document all critical IT assets, their privileged accounts and interdependencies. This process can be done manually, with the associated risks, or by automated privileged identity management software. The automated approach reduces the risks and costs, while optimising the efficiency of the data collection process without human errors creeping in.

2. Delegate: Once a comprehensive list of assets and dependencies exists, a process needs to be followed to securely and efficiently assign time-managed access privileges to the relevant authorised personnel. Automating this step reduces risk and delivers privileged credentials over a secure communications channel without exposing passwords or falling prey to human error.

3. Enforce: Companies must enforce rules for password complexity, diversity and change frequency, synchronising changes across all dependencies to prevent service disruptions. Once again, automating this process is recommended to force the appropriate changes at the appropriate times.

4. Audit: The final step in ensuring securing privileged identities is ensuring that all security access or change requests, their purpose and durations are documented, and that management is made aware of unusual events. This documentation must be audited regularly to pick up anomalies. Automated privileged identity management software again provides powerful protection and features that give management better control and accountability over systems and processes.

Effective identity and access management (IAM) across the board is a crucial area business today needs to focus on. As part of this process, companies also need to pay special attention to privileged identity management processes to ensure they strictly manage access to the most sensitive areas of their infrastructure.

For more information contact Alan Rehbock, Magix Security, +27 (0)11 258 4442, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Pentagon appointed as Milestone distributor
Elvey Security Technologies News & Events Surveillance
Milestone Systems appointed Pentagon Distribution (an Elvey Group company within the Hudaco Group of Companies) as a distributor. XProtect’s open architecture means no lock-in and the ability to customise the connected video solution that will accomplish the job.

Read more...
From the editor's desk: AI and events
Technews Publishing News & Events
      Welcome to the 2024 edition of the SMART Surveillance Handbook. Reading through this issue will demonstrate that AI has undoubtedly made its mark on the surveillance industry. Like ‘traditional’ video ...

Read more...
Forbatt SA to distribute and support Tiandy in South Africa
Forbatt SA News & Events
The big news in this year’s SMART Surveillance Handbook is that Forbatt SA has signed a new distribution agreement with Tiandy Technologies. This brand has had limited exposure and support in South Africa in the past, but has posted significant growth internationally.

Read more...
Introducing the SecuShot Bullseye Robotic Guard MK2
Secutel Technologies News & Events Surveillance
The SecuShot Bullseye Robotic Guard MK2 is a marvel of modern engineering. It integrates CCTV monitoring, remote-controlled PTZ capabilities, and a gas-powered marker into a single, compact unit.

Read more...
Gallagher Security’s Integrate Roadshow
Gallagher News & Events
Gallagher Security recently teamed up with nine technology partners to showcase the latest integrated security capabilities at the Integrate Roadshow in Durban, bringing together about 60 attendees, including end users, channel partners, consultants, and other industry professionals.

Read more...
Ransomware impersonates employees and self-spreads
News & Events
Following a recent incident, the Kaspersky Global Emergency Response team is shedding light on an attack where adversaries crafted their own variant of encryption malware equipped with self-propagation capabilities.

Read more...
Level of RDP abuse unprecedented
Sophos News & Events
Cybercriminals abused Remote Desktop Protocol (RDP) in 90% of attacks handled by Sophos Incident Response in 2023, Sophos’ newest Active Adversary Report finds. External remote services were the number-one way attackers’ initially breached networks.

Read more...
Hexagon rebrands Qognify
News & Events
Hexagon’s Safety, Infrastructure & Geospatial division announced that Qognify has officially adopted the Hexagon corporate identity and fully integrated into the division as the physical security business unit.

Read more...
Five efficiency strategies for your security installation business
Securex South Africa News & Events
A recent conversation with one Securex South Africa 2024 exhibitor, led to the event organisers being able to share some advice on helping security installers make their businesses more efficient.

Read more...
Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

Read more...