Privileged Access Problem Statement
All organizations have privileged accounts. Systems like Windows, Unix, core middleware and applications all come with them built in. Without them, systems would not function. These "God-like" accounts are essential...and they are a huge problem.
Normally these highly privileged accounts...(they are called that because they are so powerful) are used by whole teams of people; the Windows system admins all need to be able to access Administrator on all the Windows systems in an organization, for instance. This means they either have the same password, or you need a way for them to find the password, which them makes it problematic if the password is changed.
Not only will sysadmins use these accounts, but so will malware and worms, as well as bad people on the inside or intruders that found their way in from the outside.
Most organizations recognize they need tooling, but there is so much analysis that needs to be done before even thinking about deploying a technology solution.
The process of how the business and developer community functions on a day-to-day needs to change as there is no monitoring or auditing and that is a major risk.
Who Poses an Insider Threat?
49% of insider breaches are caused by phishing and once inside, a high-value identity is compromised and privileged credentials are compromised.
In 70% of cyber attacks with a known motive, there is a secondary victim, targeted due to trusted access
Malicious insiders know their way around the systems and the value of admin accounts. 50% are current employees and 50% are former employees.