Large financial organizations have long been the target of hackers. And we know that the millions of accounts exposed to a breach or the hundreds of millions of dollars at risk make for scary headlines. With all the attention from hackers, large companies have invested heavily in preventative and reactive security software.
But a recent article in Fortune highlights how attackers are now preying on smaller organizations since large organizations and big banks have spent years tightening their security.
What does this mean? Smaller organizations have now become the next best target.
Developing and maintaining a security plan is not something that comes easy, especially for resource-strapped small and medium-sized businesses. There are multiple layers of security and a magnitude of companies for each layer offering that “magical solution.”
Start with the end user and work inward from there.
It has been widely demonstrated that end users are the weakest link. If you read the annual Verizon Data Breach Investigations Report or Data Breach Digest they are filled with incidents that highlight this weakness.
If your goal is to strengthen the weakest link – while not sacrificing end user productivity – then consider starting with endpoint least privilege. With a focus around the concept of least privilege, a security model of providing users Just Enough Rights (JER) to perform the tasks and duties related to their roles, SMBs can centralize reports on user behavior, and detect out of band actions.
As a practical application to least privilege, end users can log in and execute applications as a standard (non-administrative) user. If the user needs to run an application with elevated rights then – based on a policy, application reputation or other factors – the application can run with higher privileges without changing the privileges of the user or other applications. This helps to protect against malicious software, ransomware, escalation attacks and unauthorized lateral movement within organizations that originate at the endpoint.
Capabilities to include in an evaluation of an endpoint least privilege solution include:
- Removing excessive rights, elevating privileges to applications, not users
- Using rules to blacklist, whitelists, and greylist applications without managing massive database of signatures
- Providing vulnerability and risk visibility into applications targeted for privilege elevation
- Discovering, managing, and monitoring privileged passwords automatically
- Analyzing, recording, and reporting on privileged password, user and account behavior
The end result is that an SMB can simplify the enforcement of least privilege, reduce risk by enabling better application control on the endpoint, and reduce risk from suspicious user and system activity.
As the SMB market becomes the primary focus of attacks it is critical to have a solid security architecture that is both capable of preventing malicious actors while still allowing employees the freedoms required for their jobs. BeyondTrust provides solutions to address the critical aspects of security, and allows a centralized view rarely seen in the industry today. If you would like to see a demo of any of these capabilities, contact us today.