It doesn't matter how strong your password is if it can simply be stolen. And right now there are too many ways to do just that. This applies to privileged accounts as much as end-user accounts. And the issue isn't limited to on-premise systems – it affects the cloud as well. In fact I know of at least one company that actually went out of business because of privileged access to their Amazon Web Services account was compromised.
Just a few of the methods or risks include:
- Pass-the-hash
- Pass-the-ticket
- Harvesting cached credentials
- Harvesting saved passwords
- Keystroke logging
- Man-in-the-middle attacks
- Mimikatz
- Hash cracking
- Session hijacking
And the list goes on. In this real training for free webinar ™ I will provide an overview of the risks listed above so that you can zero in on what the real issue is. There are technical things you can do to combat each one of these and we'll discuss them.
But there's also a number of other more strategic controls you can put in place to comprehensively protect all important admin credentials including:
- Don't logon to untrusted systems with privileged accounts
- Harden and update endpoints to reduce admin credential artifacts and other weaknesses. New controls in Windows 2012, 8, 2016 and 10 specifically address this.
- Use jump boxes and 2-factor authentication
- Implement new features in windows
- Change the password every time it's used
- Arbitrary code protection
- Implement enterprise privileged credential management
We'll talk about how to address it with these 7 controls and I will demonstrate some of them. BeyondTrust, our sponsor, will briefly show how their PowerBroker Password Safe helps you eliminate the risk of stolen admin credentials by automatically changing the password every time it's used and more.
This is going to be a very technical and practical webinar. Don't miss this real training for free event ™. Please register now.