Intelligent CIO Europe Issue 30 | Page 58

INFOGRAPHIC Privileged passwo management bes practices and ben Brian Chappell, Director, Product Management at BeyondTrust, explains the best practices and benef privileged password management. Privileged password management refers to the practice and techniques of securely controlling credentials for privileged accounts, services, systems, applications, machines and more. The ultimate goal of privileged password management is to reduce risk by identifying, securely storing and centrally managing every credential that provides elevated access. Privileged password management works hand-in-hand with implementing least privilege and should be a foundational element of any organisation’s privileged access management (PAM) initiatives. Whereas in decades past, an entire enterprise might be sufficiently managed through just a handful of credentials, today’s environmental complexity means privileged credentials are needed for a multitude of different privileged account types (from domain admin and sysadmin to workstations with admin rights), operating systems (Windows, Unix, Linux, etc.), directory services, databases, applications, cloud instances, networking hardware, Internet of Things (IoT), social media and more. premises and cloud infra should include every pla Bring privileged cred centralised manage Optimally, the onboardi at the time of password otherwise shortly therea discovery scan. Silos of in (i.e. DevOps) independe own passwords are a rec sprawl and human error Implement passwor Rotation policies should privileged account, syst hardware and IoT devic service, etc. This reduce for password reuse atta should be unique, never Most likely, achieving holistic enterprise password management will follow the course of a graduated approach but it’s essential that you focus on these eight areas. Discover all privileged accounts This includes shared admin, user, application and service accounts, SSH keys, database accounts, cloud and social media accounts and other privileged credentials – including those used by vendors – across your on- 30 INTELLIGENTCIO