On the subject of privilege, organisations should implement a policy of ‘least privilege’. This states that
staff only have access to those files and folders necessary to do their jobs. ‘Least privilege’ restricts the
ability of cybercriminals to move through a network as each account is limited in what it can access.
A multi-layered approach
Even with the best cybersecurity tech in the world, threat actors will still try to break into a system by
preying on human weakness. To mitigate this, staff need to be trained to become cybersecurity aware,
including how to create strong passwords and to recognise the traits of a phishing attack.
As a further layer of defence, system administrators should have an account for day-to-day use and one
specifically for performing system changes. Such admin accounts should be restricted to assigned
systems to limit the potential of cybercriminals accessing an entire network by breaking into just one
account.
By proactively implementing this multi-layered approach to cybersecurity, businesses can ensure
cybercriminals don’t strike gold in their efforts to access Active Directory.
About the Author
Matt Lock, Director of Sales Engineers, Varonis.Matt has more than 17 years’
experience in the field of Network Security, which includes extensive contracts
with many global businesses, including BP and JPMorgan. Specialising in risk
assessment, risk management, policy compliance, security reviews and
managing network behaviour anomaly systems, Matthew now leads Varonis’
sales engineering team in the UK, Ireland and Middle East, ensuring the team
is helping customers and partners from a range of sectors in data governance
projects, and organizing, securing and managing their unstructured data.Matt
can be reached at @Varonis and at our company website
https://www.varonis.com/