Why workstation security is needed now
Katherine Vondrak
There’s no going back—today’s digital world continues to expand as more people work from home and more companies conduct their business operations online. According to Ladders, remote opportunities for high paying jobs ($100k+ USD) leaped from under 4% before the pandemic, to about 9% at the end of 2020. Today remote opportunities for high-paying jobs make up more than 15% of all high-paying jobs.
Establishment of remote work and rising cyberattacks
Cloud-based operations are proliferating as remote work continues to be a primary focus for many large companies. Workstation (desktops and laptops) protection online and offline through non-domain workstations is also increasingly important for organizations. Statistics show that remote work can increase the dangers of cybersecurity. Research from an IBM study reports that when remote work is a factor in causing a data breach, the average cost per breach is $1.07 million higher. This study shows that remote work as a significant part of today’s new workforce environment is translating into serious cybersecurity concerns.
As increased business traffic over unsecured networks with various workstation devices increases, so does the criminal threat that aims to take advantage of this changing landscape, leading to increasingly sophisticated computer security threats and digital crime. Workstations create an expansive attack surface and are the most common point of entry for attackers and malicious users.
The statistics back this up—the SANS Institute reports 85% of breaches involve compromised endpoints. Generic workstation users including sales, marketing, finance, and Human Resources, are easily susceptible to clicking a link or opening an attachment containing malware. If local administration privileges are not monitored and controlled, the attack can easily spread laterally or escalate privileges, resulting in a potentially catastrophic breach.
How Delinea’s Privilege Manager solution can help you safeguard your workstations
Delinea’s Privilege Manager empowers organizations to both implement a least privilege security posture and implement application control minimizing risks caused by cyberattacks and fraudulent users. Privilege Manager allows companies to automatically remove all local admin credentials from domain and non-domain managed workstation endpoints at once, including hidden or hard-coded credentials. It uses policy-based controls to elevate the applications users need to do their jobs, without requiring administrative credentials or IT support. By doing this, you tighten your attack surface and avoid spending time and resources on reactive endpoint threat detection and remediation
How workstations can be protected against cyber threats using Privilege Manager
Step 1: Discover local admin accounts
The initial step of safeguarding workstation endpoints is to discover your local administration accounts on Windows and macOS environments. Delinea provides capabilities to quickly locate local administration accounts on domain and non-domain joined machines.
Why is this important? Often end users have local administrator permissions on their workstations by default. To make matters worse, often local administration account passwords are not rotated or the same password is being used on many machines.
Step 2: Manage local admin accounts
After understanding where your local administration accounts are located, the next step is to figure out how you can manage all local admin accounts from a single yet comprehensive view. By spending time reviewing local admin accounts, you see what the local admin accounts are doing. It is in this step that you learn the activities and behaviors of local admin accounts.
Step 3: Automatically remove local admin accounts and manage privileges
Now you are ready to remove local administration accounts through an automated and scalable process. Group accounts and individual local administration accounts are managed to determine who should be given privileged access.
Application control can be established via flexible policy deployment configuration. Policy scenarios dictate which application will be allowed, denied, or elevated for additional information to determine approval. The policy determination process increases the productivity of your IT support team by automating requests that meet requirements. The system prompts additional information to determine application access where there is uncertainty. For example, a pop-up box asking users to explain why they need an unknown application can bring better insight for the need for the elevated privileged users are productive as they can run the trusted applications, they need without having to receive assistance from IT support for application rights.
Step 4: Reporting
With your local administration accounts discovered, managed, and automatically removed as needed, the last step is auditing and reporting. This includes event logging and user activity auditing. These reports are essential in meeting the ever-growing demands of compliance requirements.
To summarize, the key benefits of using Delinea’s Privilege Management for Workstations are:
Control Applications - Ensure users can only install and execute approved applications
Implement Least Privilege - Create an environment where users can perform their job role without administration rights
Improve Productivity - Ensure users and support staff are productive and efficient
Prove Compliance - Deliver reporting including event logging and user activity auditing
Try Privilege Manager for free.
Implementing Least Privilege shouldn't be hard