We concentrate a lot on analyzing behavior – that is – what users do with the permissions they have. Or, don’t forget, it might be a case of an outside attacker hijacking a user’s entitlements.
But there’s another analysis opportunity that is more pre-emptive of threats. Behavior catches bad things when they happen but what about catching them before they happen by identifying vulnerable and high-risk accounts by mining the identity and access data across your environment?
In this webinar, we are going to look at how to go upstream and identify areas of risk before a user (or account hijacker) can abuse their access.
If we can discover problem access rights and violations before they are actually violated we will be way ahead of the game – not to mention eliminating problems before the auditor comes along. In my firm’s IT audit practice, we always found accounts with inappropriate levels of authority, outdated accounts, employees that had amassed dangerous levels of authority over time and “temporary” emergency entitlements that were never cleaned up. However, even when IT/Security can pinpoint potential excessive or anomalous risk, it may still be a business decision to determine if the risk is acceptable giving the security team direction on any potential remediation.
In this webinar, we will discuss what to look for in order to find such risks including:
• Inappropriate combinations of entitlements that allow an account to circumvent business controls
• Evaluate entitlements against risk classification of assets to identify high risk accounts
• Access Comparison and Peer Group Analysis
• Business verification of high risk access acceptability
• Entitlement creep over time
As effective as this analysis is, it does represent a lot of data collection and correlation before the analysis can even begin. That’s where my sponsor, One Identity, comes in with their Starling Identity Analytics & Risk Intelligence (IARI) solution. George Cerbone will briefly show you how Starling IARI exposes risk and access behavior enabling faster and improved security decision-making.