Don’t Be a Target: Secure Your Service Desk

Donald Hasson
Director of ITSM Product Management – Bomgar
November 2, 2017


Agenda

• A Quick Survey

• Cyberbreach risk factors

• The Service Desk and Privileged Credentials

• Cyberbreach Process

• Solutions and Approaches


Privileged Accounts are the Prize

What are Privileged User Accounts?

• One or more “superuser” accounts that contain the rights necessary to perform administrative, maintenance, and other key system tasks

• Built into every IT application and system

• Typically shared among several people

Why are they so problematic?

• They are all-powerful

• They are shared

• They are anonymous

• But, we can’t live without them!

“80% of all security breaches involve misuse of administrative privileges” – Privileged Identity Management Trends, Forrester, June 2015

Risks of Privileged Accounts

Insider threat: intentional or accidental

• Domain Admins can see everything

• Workstation Admins can see almost everything

• Exchange admins can read emails

• DBAs can export financial data

• Application admins can insert malicious code

• Data, Data, Data

Verizon Data Breach Investigations Report found that one in five security incidents is caused by privileged account misuse

External threat

• Key target in data breaches

• Allow for lateral movement

How are they stolen?

• Guessed

• Seen (Shoulder surfing)

• Stolen by Malware / Spyware

• Other Keystroke loggers

• It’s EASY!


Cyber Breaches Show No Sign Of Slowing Down

Targeted attacks on corporate IT networks have increased in scale and public visibility

Hacker objective = bypass perimeter security by stealing legitimate credentials to gain access

Phishing tactics are increasingly sophisticated and often involve social engineering

How It Works - The Cyber Breach Attack Process

(Diagram: hacker ecosystem and target ecosystem)

• Reconnaissance: Locate targets and develop a plan of attack based on network vulnerabilities

• Infiltration: Exploit vulnerabilities to acquire initial access

• Exploitation: Expand access by elevating user privileges and moving laterally across the network

• Exfiltration: Data is transferred externally from the network using exfiltration malware

©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE


Credentials are Another Key Point of Vulnerability

• Privileged user accounts can’t be accessed without credentials, but the volume of credentials to keep track of is high

• Often stored insecurely and in plain text, such as on sticky notes or in spreadsheets

• Infrequently used credentials are often forgotten

• May be non-compliant, repeated, rarely or never changed, or shared with the wrong person

“63% of confirmed data breaches involved weak, default, or stolen passwords” – Verizon 2016 Data Breach Report


Example - Hacking and Lateral Movement

1. Get in (Phishing)

2. Steal 1st Credential

3. Move Laterally

4. Get Domain Admin

5. Execute Mission

Attack Timeline

(Timeline figure: Reconnaissance; First Host Compromised; 24-48 hours; Domain Admin Compromised; Attacker Undetected – Stealing Data)

According to Microsoft, the average time it takes to go from initial compromise to full Domain Admin privileges is 24-48 hours.

Insider Risks

(Diagram labels: Corporate Network; Secured Network Area; Employees / Administrators)

Intentional and Malicious

• For Profit

• For Curiosity

• For Social Justice

Accidental

• Downtime

• Loss of Data

“74% of organizations feel vulnerable to insider threats — 7% from previous year” – Insider Threat Spotlight Report 2016, Crowd Research

Risk Factors in the Service Desk

Service desk technicians require privileged access to do their jobs

• Often granted “all or nothing” access

• Account info stored insecurely (sticky notes, spreadsheets)

• Often one of the largest groups of privileged users

Common personnel practices may mean security is not at the forefront

• Short training cycles, often focused on product/company knowledge, not security

• Turnover – do former employees still have access?

“98% of Service Desk users have access to admin accounts” – Bomgar Survey, Dec 2016

Recommendations

Ongoing security education should be a priority for both new and tenured service desk employees

Modify corporate password policy to be stronger for privileged accounts

• More regular rotation

• Forced rotation when an employee terminates

Integrate your remote support tool with existing Identity and Access Management (IAM) software

• e.g., Microsoft Active Directory (AD)

Utilize enterprise-grade password managers

• Use credential injection to streamline login process and increase productivity
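
Added example (not part of the original slides): a small audit for the two rotation recommendations above, flagging shared privileged accounts whose password is older than the policy allows or has not been rotated since a technician who knew it left. The 30-day interval, the CSV layouts, and all account and user names are constructed assumptions.

```python
import csv
import io
from datetime import date, timedelta

MAX_AGE = timedelta(days=30)  # assumed rotation interval for privileged accounts

# Constructed inventory: shared account, last password change, technicians who know it
ACCOUNTS_CSV = """account,last_rotated,holders
svc-desk-admin,2017-10-20,alice;bob
dba-shared,2017-06-01,carol
exch-admin,2017-10-25,bob;dave
"""

# Constructed HR feed: technician and termination date (empty = still employed)
STAFF_CSV = """user,terminated
alice,
bob,2017-10-22
carol,
dave,2017-10-01
"""


def load_terminations(text):
    """Map each departed user to the date they left."""
    rows = csv.DictReader(io.StringIO(text))
    return {r["user"]: date.fromisoformat(r["terminated"]) for r in rows if r["terminated"]}


def audit(accounts_text, staff_text, today):
    """Return [(account, [reasons])] for accounts that violate the rotation policy."""
    terminated = load_terminations(staff_text)
    findings = []
    for row in csv.DictReader(io.StringIO(accounts_text)):
        rotated = date.fromisoformat(row["last_rotated"])
        reasons = []
        if today - rotated > MAX_AGE:
            reasons.append(f"password is {(today - rotated).days} days old")
        for user in row["holders"].split(";"):
            left = terminated.get(user)
            # A leaver still knows the password unless it was changed after they
            # left; a same-day rotation is treated as too early, to be safe.
            if left is not None and rotated <= left:
                reasons.append(f"not rotated since {user} left on {left}")
        if reasons:
            findings.append((row["account"], reasons))
    return findings


if __name__ == "__main__":
    for account, reasons in audit(ACCOUNTS_CSV, STAFF_CSV, date(2017, 11, 2)):
        print(account, "->", "; ".join(reasons))
```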
