Simply because an IT employee leaves your organization doesn’t mean you’ve heard the last from him.
Here’s a recent case in point. According to Data Breach Today, “A federal criminal case alleges that a former Hewlett-Packard Enterprise Corp employee shut down Oregon’s Medicaid information systems for several hours after the vendor laid him off.”
As incidents like this show, ex-employees can wreak significant havoc on their former employers’ networks using the same privileged logins they had while employed.
But these unfortunate affairs could be prevented – or at least significantly minimized. It starts with securing privileged access.
Control Privileged Access
Privileged accounts, like administrator or root, are often referred to as “the keys to the IT kingdom” for a reason. These “god” accounts allow anyone who knows the account passwords to install or remove programs, reconfigure machines and access systems that contain sensitive data. And, when left unsecured, they can be used as a backdoor for later reentry by former IT staff.
It’s astonishingly common in both corporate and government networks to share these administrative passwords across multiple systems. It’s also common for admin passwords to remain unchanged for extended periods of time, and to be used without any access control or audit records. Bad policies all.
Here’s a better idea. Get control over privileged accounts. Start by generating unique passwords for each individual account on the network. That eliminates shared passwords. Then, change these passwords frequently. That takes care of the static admin password problem. Also, make sure your privileged passwords are only available to delegated personnel, for a limited time. That ensures there’s no more anonymous and unlimited privileged access – for anyone.
Better still – automate the entire process with our cross-platform privileged identity management solution. That will go a long way toward ensuring that any employees and contractors intent on mischief cannot access your systems after they leave – whether it’s for the day or forever.
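The controls described above (unique passwords, frequent rotation, time-limited delegated access, and cutting off departed staff), sketched as an added example that is not part of the original post or of any vendor product. The class, method names, 30-day maximum age and one-hour lease are assumptions chosen for illustration, and the store is in-memory only.

```python
import secrets
import string
from datetime import timedelta

ALPHABET = string.ascii_letters + string.digits + "!#%*+-_="

class PrivilegedVault:
    """In-memory model of the controls above (constructed for illustration)."""

    def __init__(self, max_age=timedelta(days=30), lease=timedelta(hours=1)):
        self.max_age, self.lease = max_age, lease
        self.creds = {}      # (host, account) -> (password, time it was set)
        self.delegates = {}  # (host, account) -> users allowed to check it out
        self.leases = {}     # (host, account) -> time the current checkout ends
        self.audit = []      # (time, user, host, account, event)

    def rotate(self, key, now):
        # A fresh random password per (host, account): nothing is shared.
        password = "".join(secrets.choice(ALPHABET) for _ in range(24))
        self.creds[key] = (password, now)
        self.leases.pop(key, None)
        self.audit.append((now, "vault", *key, "rotated"))

    def checkout(self, user, key, now):
        # Only delegated personnel get the password; every attempt is logged.
        allowed = user in self.delegates.get(key, set())
        self.audit.append((now, user, *key, "checkout" if allowed else "denied"))
        if not allowed:
            raise PermissionError(f"{user} is not delegated for {key}")
        self.leases[key] = now + self.lease
        return self.creds[key][0], self.leases[key]

    def sweep(self, now):
        # Rotate passwords that are too old or whose checkout window has ended.
        due = [k for k, (_, set_at) in self.creds.items()
               if now - set_at >= self.max_age or self.leases.get(k, now) < now]
        for key in due:
            self.rotate(key, now)
        return due

    def offboard(self, user, now):
        # Departure: drop every delegation, rotate everything the user ever saw.
        seen = {(h, a) for _, u, h, a, ev in self.audit if u == user and ev == "checkout"}
        for users in self.delegates.values():
            users.discard(user)
        for key in seen:
            self.rotate(key, now)
        return seen
```

Calling `sweep` on a schedule and `offboard` from the HR termination workflow means a password a former employee once held is already invalid by the time they try it.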