The ultimate objective of securing privileged access is simple: to protect the business from the admins. When I work with security teams on how best to secure privileged access, many of the challenges and hang-ups can be traced back to this principle.
Operational efficiency matters. If you make the process too onerous, admins will simply work around it.
But protecting the business from what an admin can potentially do (or, more likely, what a malicious actor can do after compromising the admin's account) matters more. This one hang-up around operational efficiency results in a watered-down, ineffective privileged access management approach, and that watered-down approach is what enables most of the breaches I have seen. I've seen it too many times to beat around the bush about it.
When examining options for securing privileged access, you will inevitably reach a crossroads where you are forced to bias one way or the other. At the end of the day, the cost of making your most privileged admins jump through some additional hoops and the cost to your business when those privileged accounts are used against you are not comparable. You will not be forgiven for making your admins' lives easier when their credentials are used to melt your business and exfiltrate your data.
So while you can and should make the process as smooth as possible, you must not sacrifice effective privileged admin security on the altar of operational convenience. To quote Saruman the White, this is choosing “the way of pain”.
Much of what passes for effective privileged access management (PAM) is in place today to satisfy regulators and auditors. That is important, but the same regulators will also have a lot to say about the breaches that occur as a consequence of poor PAM, so compliance alone is not a good reason for not looking at different, more effective, ways of securing privileged access.
One of the things you might not know is that traditional PAM solutions (and traditional on-prem Active Directory) are often the first to fall in a breach, not least because a vault that holds every privileged credential is itself the highest-value target on the network. Traditional password vaulting and PAM will not, on their own, save you, and many of the reasons given for their use (such as session screen recording) are irrelevant in an infrastructure-as-code world, where changes are made through pipelines and APIs rather than interactive sessions and there is no screen to record. You must be brave enough to think differently, and move on.
At Microsoft we have done a lot of work to make the process both operationally efficient and secure. But there's a lot of nuance in this subject area, and some core principles you must get right in order to architect the right solutions. Some good resources to start with are the documentation for Securing Privileged Access and Securing Privileged Access in Hybrid Scenarios.