Sign up to save your podcasts
Or
Share Shared Accounts
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Shared Accounts
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-shared-accounts/)
As bad as all security professionals know, shared accounts are a fact in the business world. They still linger, and from an operational standpoint they're hard to secure and get accountability. Why are they still around and what can be done about them?
Check out this post for the basis for our conversation on this week's episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and sponsored guest Jake King (@jakeking), CEO, Cmd.
Thanks to this week's podcast sponsor, Cmd.
Cmd provides a lightweight platform for hardening production Linux. Small and large companies alike use Cmd to address auditing gaps, implement controls that keep DevOps safe, and trigger alerts on hard-to-find threats. With out-of-the-box policies that make setup easy, Cmd is leading the way in native protection of critical systems.
On this episode of Defense in Depth, you'll learn:
- As much as it makes security professionals cringe, shared accounts are a business reality that can't be avoided.
- Certain business processes force shared accounts to exist, but that doesn't mean as a security professional you shouldn't grill to find out why the shared account exists and if there's a way you can remove that shared privilege.
- Get an inventory of your shared accounts. Also, you can do this with mapping credentials with location information.
- Time pressures in a physical environment often force shared accounts.
- You need to shine a light on shared accounts even if they're not going to go away. It's part of your GRC (governance, risk, and compliance) program.
- There are compensating controls one can put around shared accounts such as password rotation, monitoring usage, and alerts.
- Privileged access management (PAM) is the favorite solution for dealing with shared accounts. Often you don't need compensating controls if you have a dynamic PAM solution in place.
- The need for accountability is key here. If you don't have an equal understanding of its importance then those eventual issues are simply going to magnify.
View all episodes
By David Spark, Steve Zalewski, Geoff Belknap
4.8
7373 ratings
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-shared-accounts/)
As bad as all security professionals know, shared accounts are a fact in the business world. They still linger, and from an operational standpoint they're hard to secure and get accountability. Why are they still around and what can be done about them?
Check out this post for the basis for our conversation on this week's episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and sponsored guest Jake King (@jakeking), CEO, Cmd.
Thanks to this week's podcast sponsor, Cmd.
Cmd provides a lightweight platform for hardening production Linux. Small and large companies alike use Cmd to address auditing gaps, implement controls that keep DevOps safe, and trigger alerts on hard-to-find threats. With out-of-the-box policies that make setup easy, Cmd is leading the way in native protection of critical systems.
On this episode of Defense in Depth, you'll learn:
- As much as it makes security professionals cringe, shared accounts are a business reality that can't be avoided.
- Certain business processes force shared accounts to exist, but that doesn't mean as a security professional you shouldn't grill to find out why the shared account exists and if there's a way you can remove that shared privilege.
- Get an inventory of your shared accounts. Also, you can do this with mapping credentials with location information.
- Time pressures in a physical environment often force shared accounts.
- You need to shine a light on shared accounts even if they're not going to go away. It's part of your GRC (governance, risk, and compliance) program.
- There are compensating controls one can put around shared accounts such as password rotation, monitoring usage, and alerts.
- Privileged access management (PAM) is the favorite solution for dealing with shared accounts. Often you don't need compensating controls if you have a dynamic PAM solution in place.
- The need for accountability is key here. If you don't have an equal understanding of its importance then those eventual issues are simply going to magnify.
More shows like Defense in Depth
View all
Hacked
187 Listeners
Security Now (Audio)
2,008 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Risky Business
371 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,021 Listeners
Smashing Security
319 Listeners
Click Here
415 Listeners
Darknet Diaries
8,061 Listeners
Cybersecurity Today
179 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
188 Listeners
Cybersecurity Headlines
139 Listeners
Risky Bulletin
44 Listeners
Hacker And The Fed
168 Listeners