Getting Privileged Account Management Direction from Cyber Essentials
When it’s hard to know how to protect against so many sophisticated threats, many businesses are turning to the UK Government’s Cyber Essentials framework for guidance.
It’s an effective way to establish a strong baseline for security – although, as we’ve discussed, the best protection goes beyond the basics. It’s also a badge of honour for building customer confidence, whether you’re displaying the self-assessed Cyber Essentials badge or the more detailed Cyber Essentials Plus standard.
But when securing your configuration and taking care of user access control is such a big part of the framework, even meeting these basic requirements can feel like an overwhelming task.
Cyber Essentials and Privileged Passwords
There are two areas of Cyber Essentials that cover the privileged passwords within your organisation.
First, you’re expected to implement a secure configuration. This includes:
- Removing unnecessary user accounts
- Changing default passwords
However, that’s not as simple as it sounds when so many of your applications, operating systems, and devices create privileged accounts by default. It’s hard to keep track of them all, let alone make sure your policies are being appropriately enforced.
Second, the Cyber Essentials framework includes detailed guidance for user access control, including:
- Restricting privileged access to a limited number of authorised individuals
- Documenting, securely storing, and regularly reviewing the details of those special privileges
- Enforcing password change policies on those accounts
- Removing accounts when they’re no longer required, or when they’re not actively being used
The challenges there go beyond simply discovering all your privileged accounts. To meet these guidelines, you need to maintain absolute visibility and remember to keep passwords and open accounts up to date when things change.
And all of that has to happen in the real world, the one you work in, where those privileged accounts aren’t tied to individuals. They’re liberally shared between entire teams of people who will or could need access, making it harder to know who can access what at any given moment.
Before you know it, taking care of your privileged accounts drains all your time, money, and energy. You struggle to keep up.
And it’s right then that the account you’ve missed is the one an internal or external attacker gets hold of.
Discover and secure your privileged accounts
The answer is in automation. It’s in taking advantage of the right technology to discover all your privileged accounts, then streamlining the way you manage them day to day.
Thycotic, specialists in Privileged Account Management, make it easier for businesses to meet the guidelines of Cyber Essentials – and, in many cases, exceed them.
With the Privileged Account Discovery Tool, available for Windows and UNIX, you can discover every privileged account and get a detailed, management-ready report. Best of all, it’s a free tool to help you understand the scale of the problem.
From there, make the most of your opportunity to keep those accounts secure.
Thycotic Secret Server lets you store your privileged account details in an AES 256-bit encrypted repository where your passwords can be securely accessed, your policies can be enforced, and every interaction is logged in a detailed audit trail.
It’s the most efficient – and cost-effective – way to meet Cyber Essentials guidelines and keep your privileged accounts protected against a growing threat.