To view the full simulation, tune in on demand. Following are steps in an example attack scenario to illustrate the power of local administrator rights. We recently held a webinar to shine a light on these endpoint security risks and explore common attack methods.
The Privileged Pathway: Endpoint Attack Simulation Yet, CyberArk research shows that 87 percent of organizations have yet to do so, which suggests that employee demands for flexibility and productivity are largely trumping security hygiene best practices. Identifying where local admin rights exist, and removing those rights, is a critical first step toward strong endpoint protection. Similarly, these powerful admin rights can be used by attackers to steal additional credentials, elevate privileges and move laterally through the network. No matter how strong your perimeter security may be – even with DLP, antivirus and other security products – a user with local admin rights can easily supersede these defenses (either unintentionally or maliciously) and install anything from unlicensed software to unsanctioned applications and dangerous malware. They can download applications, use any program, modify system configurations and even access and change powerful administrative accounts. Users with local admin rights have the power to do virtually anything they want on their workstations. The Foundation of Effective Endpoint Security
But, like many organizations, you could be overlooking a critical step in containing cyber attacks early in their lifecycle by failing to remove local administrator rights. You recognize the importance of defense-in-depth and use multiple layers of security to protect your organization’s most important data and assets.
0 kommentar(er)
