Introduction
The utilization of “always-on” privileged accounts has been the default mode for administrative access for the last 40 years. However, always-on access presents a massive risk surface as it means the privileged access, rights, and permissions are always active and ready to be exercised – for legitimate activities as well as for illicit ones. And this risk surface is rapidly expanding alongside the growing use of virtual, cloud, and DevOps environments and internet of things (IoT) devices. Of course, cyber threat actors are wise to what is essentially the over-provisioning of privileges via the always-on model.
Against this backdrop, it’s no surprise that the abuse and/or misuse of privileges play a role in almost every cybersecurity breach incident today, as has been widely reported by the top industry analysts and other research. With privileged access in hand, an attacker essentially becomes a malicious insider, and that’s an alarming scenario for any IT professional, all the way up through the C-level, and the Board.
