Phone Number +1-202-802-9399 (US)

Thycotic is now Delinea!

The Lockdown

Thycotic’s Cyber Security Blog

How to kick start your least privilege strategy

Written by Joseph Carson

January 15th, 2019

The matter of least privilege cybersecurity has become a priority for companies across the spectrum. One of the big reasons, of course, is that 80 percent of breaches today involve the compromise of IT and business user credentials including usernames and passwords.  To combat the exploitation of compromised accounts, organizations increasingly recognize how important it is to secure and protect privileged access across the enterprise for super users and business users, services, applications, data and systems.

The concept of least privilege cybersecurity has come to the forefront because it offers a means to proactively make sure that when credentials are hacked or abused (and we should assume they will be sooner or later), privileges are restricted or limited so that any exploitation can be quickly detected and contained.  This is particularly important in securing hundreds or even thousands of vulnerable endpoints.  However, restricting privileged access poses significant challenges that must be addressed.

How do we prevent overprivileged access without negatively impacting productivity?

If users can’t get access to an account, server or device such as a printer or application, they will have to call the helpdesk. Helpdesk staff, under pressure to keep things running, all too often end up granting more privileges than needed to get users quickly back on track.  The dilemma becomes:  How do we prevent overprivileged access by users, applications and services without negatively impacting productivity?

To help organizations understand the principle of least privilege and how to successfully implement a least privilege strategy, I’ve just authored a new eBook, published by Thycotic called Least Privilege Cybersecurity for Dummies.

Much like the previous two “Dummies” books that I’ve authored (PAM for Dummies, Cybersecurity for Dummies), this new book gives you an easily readable 16-page introduction to least privilege cybersecurity that you can share with your IT staff as well as business users and executives.

Learn the five key action steps to help assure success in implementing least privilege

The book explains how to define least privilege cybersecurity, with examples to illustrate the dangers of overprivileged users. It shows how to lay the proper groundwork for implementing a least privilege strategy in terms of identifying critical data assets, mapping them to privileged accounts, and incorporating a privileged account lifecycle of protection.  It then provides five key action steps to help assure success in implementing least privilege, including the combination of least privilege with application control—essential to any least privilege plan.

Before you make any decisions to deploy an Endpoint Protection Platform (EPP), or any kind of complex Endpoint Discovery and Remediation (EDR) solution, you need to consider how a implementing a least privilege strategy with application control could work in your organization.  It could save you enormous amounts of time and resources by limiting privileges to stop exploits in their tracks.

Remember, all it takes is one compromised endpoint with local administrator rights for a cyber criminal or malicious insider to exploit your network undetected and put your entire enterprise at risk.  Your journey to a least privilege solution starts by reading this free eBook.

Related Reading:
See what other IT security professionals are saying about least privilege in our 2020 Global State of Least Privilege Cyber Security Survey Results

Looking for examples of least privilege?
Read our illustrated post: Least Privilege Examples