Skip main navigation

Privileged Access Management

In this video, you will learn about privileged access management; that is, the level of access available to different users.
6.7
We also need to pay special regard to privileged access management. Privileged access management refers to the management of our accounts that have unusual or elevated access to resources. So we want to invest more time and energy into monitoring the use of these. So the key business driver for privileged access management is trying to reduce the risk of malicious users, people misusing their privileges. This can be deliberate or the inadvertent misuse of privileges. Something that you will see is organizations where the domain administrators have domain admin accounts, and they use those domain admin accounts as a day to day account for system access. And this is really poor practice. This is not something we should be doing.
62
We should have a day to day non-privileged account, and when we need to perform privileged functions, we use the elevated account with elevated privileges to perform those tasks. In Linux, we see the use of the superuser command sudo to perform this. In Windows we have the runas command, where we can run individual commands at a higher level if we need to. Graphically, in Windows, we can right-click on files or executables, and you can run as administrator, which is a very basic way of elevating privileges. What we should not do day to day is use our elevated, our privileged accounts for normal day to day operations.
100.4
If we have an attack, if we have a zero-day ransomware attack, the use of a domain admin account can be pretty toxic. It can result in huge portions of the network being taken down, being taken offline. There are tools that we can use to help manage privileged access management. And, in fact, standards like PCI DSS and Sarbanes-Oxley require us to have some degree of control and management of these privileged accounts. NIST Special Publication 800-53, COBIT and ITIL all have provisions and guidance on the use and management of privileged user accounts. The NIST document is free of charge, available on their website. ITIL and COBIT are available online as well. And there are products like CyberArk that help manage privileged accounts.
159.4
A SIEM system can also help with this in terms of logging and notifying when particular types of function are used. The type of privileged accounts that we’re talking about are typically accounts like root, which is Linux or Unix administrator accounts. In the Windows world, we have the administrator, the local administrator, domain administrator, and enterprise administrator. For databases, we see SA, SQL Administrator. And for Oracle, the Oracle account. There will be a variety of these privileged accounts within your organization. Individual line of business systems will have their own administrator accounts. We need to make sure, as far as is possible, we’re protecting them. Some of the dangers that surround these privileged accounts include accounts like the backup account.

In this video, you will learn about privileged access management; that is, the level of access available to different users. Specifically, it refers to the management of accounts that have unusual or elevated access to resources. In the identity and access management context, the aim is to ensure the use of this type of access is monitored correctly and appropriately.

Reflect and share: Now that you have learned about privileged access management, reflect on how this is understood in your context. Share below.

This article is from the free online

Cyber Security Foundations: Identity and Access Management

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education