The Uber breach is on your doorstep as an IT service provider. You can use this breach as an educational moment for your clients. They are the first line of defense to stop social engineering hacks. This is also an educational moment for your techs.
In the case of this Uber breach, we know that it happened through a social engineering hack that led to file access, which in turn led to the leak of admin credentials stored in a script file. IT service providers should be above this. With the potential ransom, exposure and reputation costs, no one wants to be the weak point.
Techs are one of the multiple lines of defense in this type of hack. Make sure they are not doing anything that could further this type of hack:
- Don’t put admin credentials in a script.
- Don’t have static credentials that could be used in a script.
- Don’t have single shared admin accounts that multiple people have access to or could use.
All of these issues are addressed with unique accounts for each tech at each client, with automation to change credentials on a regular basis. A shared admin account is way more likely to get put in a script (by a lazy or busy tech) than an account with their name on it. A password that doesn’t change is also more likely to get put in a script than one that rotates automatically every day. If a tech knows that the script will fail tomorrow because the password they put in will change very soon, they are far more likely to figure out a better and more secure way to do whatever the script is doing.
Using tools like documentation and password vaults to store credentials for tech access into your clients may slightly help with timeliness, but it falls short of proper security practice. Named accounts for every tech, into every client, are a requirement, not a wish. Automation is the key to solving the PAM issue that IT service providers face.
We, at Ruffian Software, had these pains in mind when we created TechIDManager. When you use TechIDManager, here are some of the highlights:
- Automation of the creation (and disabling) of named accounts, eliminating the need to share admin accounts.
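One way to audit existing scripts against the first two items above, as an added example (not Ruffian Software's or TechIDManager's code): a Python scan that flags credentials written as literals and reports each hit with the value redacted. The rule names, patterns and sample script are constructed for illustration and will not catch every case.

```python
import re

# Illustrative rules (assumptions, not an exhaustive set): each one matches a
# credential written as a literal and captures it in the named group "val".
RULES = [
    ("literal-assignment", re.compile(
        r"""(pass(?:word|wd)|pwd|secret|api[_-]?key|token)\w*\s*[:=]\s*(["'])(?P<val>[^"']{4,})\2""", re.I)),
    ("powershell-plaintext-securestring", re.compile(
        r"""ConvertTo-SecureString\s+(?:-String\s+)?(["'])(?P<val>[^"']+)\1.*-AsPlainText""", re.I)),
    ("credential-in-url", re.compile(
        r"""\b[a-z][a-z0-9+.-]*://[^/\s:@]+:(?P<val>[^@\s/]+)@""", re.I)),
]
# Values that only reference a variable ($env:X, ${X}, %X%) are not literals.
REFERENCE = re.compile(r"^(\$[\w{(]|%\w+%$)")

# Constructed sample script; names and values are made up for this example.
SAMPLE_SCRIPT = r'''
# constructed sample, not from any real environment
$user = "CLIENT\shared-admin"
$pw = ConvertTo-SecureString "Example-Passw0rd!" -AsPlainText -Force
$apiToken = "constructed-token-value"
$password = "$env:ADMIN_PW"
$cred = Get-Credential
net use \\fileserver\share /user:CLIENT\shared-admin
'''

def find_hardcoded_credentials(source):
    """Return (line_number, rule, redacted_line) for each literal credential."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for rule, pattern in RULES:
            m = pattern.search(line)
            if not m or REFERENCE.match(m.group("val")):
                continue
            # Never echo the secret itself into the report.
            redacted = line[:m.start("val")] + "***" + line[m.end("val"):]
            findings.append((lineno, rule, redacted.strip()))
            break  # one finding per line is enough
    return findings

if __name__ == "__main__":
    for lineno, rule, redacted in find_hardcoded_credentials(SAMPLE_SCRIPT):
        print(f"line {lineno}: {rule}: {redacted}")
```

Any credential this flags should be treated as exposed and rotated, not just removed from the script.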
- Rights and permissions management.
- Automatic password changes.
- Downtime tolerant.
- Inject your unique credentials into client access points with minimal effort.
- Become more compliant with security frameworks.
Before you can truly help your clients with proper access management, you must first have proper access management into their systems.