Completed pre-analysis of PAM and implemented risk-mitigating activities

92

THE SITUATION

A Scandinavian transportation provider needed to define how to implement privileged access management (PAM). Specifically, the question was whether the client should build an interim PAM solution that would be operational in (best case) 4 months or if it should wait for the (already planned) PAM implementation during the client’s migration to a new server environment.

WHAT WE DID

Christian completed a pre-analysis involving input factors including scope of the solution, time to deploy, and available resources compared with an assessment of risk. Additionally, mitigating activities to lower the risk of misused privileged access rights in the short run were explored as an alternative. Among the mitigating activities were; identification and revision of privileged access rights, implementation of MFA of privileged users, removal of left-over accounts, forced password rotation, separation of admin-accounts and user accounts, and finally a structured clean-up of the active directory. It was advised that the client should; focus its efforts on exploring mitigating activities to lower the risk of misused privileged access rights in the short run and prepare the migration and PAM implementation thoroughly to ensure a speedy implementation. Among the mitigating activities were; identification and revision of privileged access rights, implementation of MFA of privileged users, removal of left-over accounts, forced password rotation, separation of admin-accounts and user accounts, and finally a structured clean-up of the active directory. The activities were scoped, managed, and completed ahead of the PAM implementation.

OUTCOME

The successful implementation of the mitigating activities resulted in an improvement of the client’s security posture mainly surrounding the misuse of privileged access accounts.