“Securing the keys to the IT kingdom.” Credentials / Identities are required to unlock all privileged accounts, and they are pursued by external attackers and malicious insiders as a way to gain direct access to the heart of the enterprise. As a consequence, an organization’s critical systems and sensitive data are only as secure as the privileged credentials required to access these assets
Each enterprise should ask itself minimally these 4 questions
- Can you tell who used a certain username and can you traceback the activities?
- How many admins share the same credential to a system?
- What happens when an admin leaves?
- When an outsider resides inside, how do you secure the assets?