Can a misconfigured user account lead to a security breach?

Log360 | August 4, 2020 | 2 min read

Do you remember the last time you had to reset the password for an admin user? Or the time you last updated the network share permissions for an intern? While these seem like mundane tasks, a simple misconfiguration during either of these processes could result in a security breach.

Regardless of the company's size, IT is structured to work with different types of accounts. Every account, whether it's a privileged user account or an external consultant account, has a pre-written job function that defines the account's level of access. The job function also determines other characteristics, such as how long the account stays active (its life span) and what happens when the user's position or role shifts. These characteristics also determine how the user's access permissions are modified.

Administrators, help desk technicians, and security professionals deal with various types of accounts every day. They create them, modify them, and supervise them throughout their time in an organization.

Why are these accounts important to consider?

Accounts dictate access to the resources in a network. From the most trivial access, like a logon to a kiosk machine, to highly privileged access to a confidential folder that holds domain configuration details, account settings directly impact security. As a matter of fact, the major reason behind some of the most devastating security breaches is poorly managed or exposed accounts.

Hard to believe? The recent EKANS ransomware attacks on Honda and Enel Group were due to the exposed Remote Desktop Protocol (RDP) credentials of users. The recent breach of social media giant Twitter, which led to the compromise of accounts belonging to many business leaders, elected officials, and celebrities, was the result of tricking a group of internal users and gaining access to Twitter's administrative panel.

Organizations often spend excess time and money establishing advanced security controls to detect sophisticated attacks but tend to pay little attention to the fundamentals of security. If the various accounts used in everyday IT activities are not configured and secured well, they can act as a gateway for malicious entry.

E-book: Accounts, privileges, and misconfigurations

The attack techniques used in many sophisticated breaches aren't always direct; instead, they take advantage of configuration mishaps and platform vulnerabilities that enable attackers to reach their goal. And since these attacks depend on flaws within the system, they can easily be disguised as legitimate system processes.

Considering that administrators are typically overloaded with tasks, it's impractical and unfair to expect them to manually monitor every account activity granularly. This e-book is a collected list of activities to do and not to do on various types of commonly used accounts.

These are tips handpicked after listening to the most common problems voiced by various admins around the world. Following the guidelines mentioned in the e-book to the last detail will help protect your accounts from misuse and help you safeguard your business from data breaches and insider attacks.

Abhilash
