Intelligent Tech Channels Issue 91 | Page 44

A practical guide to endpoint privilege management

Organisations face an increasingly complex cyberthreat landscape, making robust endpoint controls and privilege management critical to safeguarding operations across devices and applications. Theshan Mudaly, Senior Solutions Engineer, BeyondTrust, tells us how organisations can implement endpoint privilege management to reduce attack surfaces, improve efficiency and maintain productivity without compromising security.

It is not news that we are under constant attack. Businesses, citizens and governments are all worried about the cyberthreat landscape. In a study concentrating on the second half of 2024, the worldwide incidence of email-based attacks was found to have skyrocketed – a 197% increase on the same period in 2023. The same research found that in December, the United Arab Emirates (UAE) ranked first in ‘percentage of blocked malicious URLs at the endpoint’ (16.2%) and joint first with Singapore and Italy in malware targeting.

Endpoints are where many, if not most, cyberincidents begin. In the digital-first age, to protect economic activity, we must protect our endpoints. In recent years, as we have come to learn more about the central role of the user in cyberbreaches, endpoint privilege management solutions, sometimes referred to as privilege elevation and delegation management (PEDM) solutions, have grown in popularity.
PEDM solutions allow organisations to automate the dos and don’ts of user activity while preserving productivity. By combining privilege management, application control and centralised administrative control, the enterprise ensures each user has the precise subset of privileges necessary to do their job optimally. Admin rights are assigned sparingly, only to those who cannot perform without them. In the past, these rights would have been handed out across many unnecessary users. This was done for the convenience of IT teams who had neither the time nor resources to design a privileges framework, but it led to IT environments riddled with low-level user accounts that had access to even the most sensitive areas.
The user problem
This practice extended to the assigned laptops and desktops of users. They could execute, install, run or change anything on their devices. And because it was so easy for them to do so, it became possible for them to install something by accident, or for something to be installed on their behalf without their knowledge. Threat actors begin with low-level employees, hijacking their credentials and moving laterally across an environment. Lateral movement is unencumbered where admin rights have been assigned to these low-level accounts. Malware can then run with elevated privileges, security agents can wave through harmful traffic, and software can be installed and executed with zero oversight.
All of this is bad enough before we consider the impact of cloud and multi-