Q: Are there extra steps I can take to protect my company’s data?
A: Given the growing number of cyberattacks companies need to be more vigilant — especially when a breach has the potential to significantly disrupt business. The term “privileged access” refers to special network access or IT capabilities above and beyond those that apply to standard users. A human user, such as an IT administrator, can have privileged access. It can also be granted to a non-human user, like an application.
Here are some privileged access management best practices that can help companies educate privileged access users and protect their data:
- Educate privileged access users on current cyber threats and best practices, including using unique pass-phrases for their accounts.
- Require multi-factor authentication for privileged access accounts, including SaaS, admins and privileged business users.
- Maintain a centrally managed, digital vault to hold well-known infrastructure accounts; automatically rotate passwords after each use.
- Vault any privileged accounts used by third-party applications.
- Conduct “red team/blue team” simulations, where members of your IT department role-play as attackers and attempt to exploit security weaknesses in your systems. This way, you can identify the weaknesses and address them.
For more information on protecting your company’s private data, visit key.com/payments.
This material is presented for informational purposes and shouldn’t be construed as individual financial advice. KeyBank doesn’t provide legal advice. Member FDIC. CFMA #220909-171494.
President & Commercial Sales Leader
KeyBank Michigan Market