Best Practices for Managing Privileged Access in an Enterprise

A BeyondTrust study looks at what separates top-tier and bottom-tier organizations when it comes to privileged access management.

Among the best practices that are widely embraced by top-tier organizations is to grant privilege to apps, rather than the user.

A good best practice in any organization is to have a process that cycles user passwords on a regular basis. According to BeyondTrust’s report, cycling passwords often or always is done by 76 percent of top-tier organizations.

Keeping track of how privileged accounts are used is a monitoring activity that can help to limit risk. Seventy-one percent of top-tier and 49 percent of bottom-tier organizations in the BeyondTrust study do, in fact, monitor the sessions of privileged accounts.

A core element of being able to effectively secure privileged accounts is to have a system for managing credentials. Top-tier organizations mostly indicated they are efficient at managing credentials, while those in the bottom tiers are somewhat less efficient.

The difference between what constitutes a top-tier and a bottom-tier organization in BeyondTrust’s study is exemplified in the use of an enterprise platform for managing privileged access. The majority (78 percent) of top-tier organizations have an enterprise solution, while 39 percent of bottom-tier organizations do not.

Different applications and systems represent different levels of risk. Properly understanding what the risks with the use of a tool is a best practice for privileged access management. That said, only 57 percent of BeyondTrust’s top-tier respondent group in fact have a tool that provides risk assessment.