A recent Forbes article states – “The bottom line is that investing in securing perimeters leaves the most popular attack vector of all unprotected, which are privileged credentials.” We could not agree more.Some of the solutions proposed in the article, however, do not prevent privileged credential attacks – they just detect attacks, maybe, once they have occurred.
One thing that does not improve when moving to the Cloud (or outsourcing to any MSP) is privileged credential abuse. In fact, when you use the Cloud, the opportunity for privileged credential attacks expands substantially beyond what is available to attackers in the Enterprise – which is bad enough.
“It’s your worst nightmare, and a cyber attacker’s dream come true: the credentials of a privileged user getting stolen or otherwise compromised. After all, privileged users can go practically anywhere and do anything in your network as they go about the business of configuring servers and systems and setting security policies.” CSO Online, January 2018
Privileged credential abuse has been traditionally difficult to detect and stop because data security is tightly integrated into applications and applications grant unrestricted access to privileged credential users, including access to sensitive data. Cord3 separates data security from applications. This separation of data security from applications enables two critical capabilities for protecting sensitive data against privileged credential abuse.
900 Morrison Drive Suite 206
+1 343 488 8720