From theregister.co.uk
Promo Back in 2008, San Francisco’s IT infrastructure ground to a halt. An engineer called Terry Childs who managed the network had consolidated all the sysadmin credentials giving access to the system’s privileged accounts, but after a dispute with the city government he refused to divulge these vital details.
Look at any major data breach and you will find that privileged credentials are the preferred route for cybercriminals and malicious insiders bent on traversing the network and wreaking havoc on an organisation’s most critical data, infrastructure and applications.
Every important IT initiative, from DevOps to cloud and business-critical apps, has an element of privilege in it. If access is left unmanaged and unsecured, this can become an ever-growing attack surface to worry about.