As bad as all security professionals know, shared accounts are a fact in the business world. They still linger, and from an operational standpoint they’re hard to secure and get accountability. Why are they still around and what can be done about them?
Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and sponsored guest Jake King (@jakeking), CEO, Cmd.
Thanks to this week’s podcast sponsor, Cmd
Got feedback? Join the conversation on LinkedIn.
On this episode of Defense in Depth, you’ll learn:
- As much as it makes security professionals cringe, shared accounts are a business reality that can’t be avoided.
- Certain business processes force shared accounts to exist, but that doesn’t mean as a security professional you shouldn’t grill to find out why the shared account exists and if there’s a way you can remove that shared privilege.
- Get an inventory of your shared accounts. Also, you can do this with mapping credentials with location information.
- Time pressures in a physical environment often force shared accounts.
- You need to shine a light on shared accounts even if they’re not going to go away. It’s part of your GRC (governance, risk, and compliance) program.
- There are compensating controls one can put around shared accounts such as password rotation, monitoring usage, and alerts.
- Privileged access management (PAM) is the favorite solution for dealing with shared accounts. Often you don’t need compensating controls if you have a dynamic PAM solution in place.
- The need for accountability is key here. If you don’t have an equal understanding of its importance then those eventual issues are simply going to magnify.