Break Glass Accounts What are They скачать в хорошем качестве

Break Glass Accounts What are They

Last week, we talked about the Uber breach and it was very transparent to everyone that the break glass accounts stored in plain/text in a powershell script were the most critical component of this breach which allowed the malicious actor to laterally move and elevate privileges. Today, we're going to do a deep dive on those Break Glass accounts, what they are, when should they be used and how should they be setup and protected. We will cover what is a Break Glass Account and why we need it. How Many Emergency Accounts Should You Have? What Roles Should Break Glass Accounts Have? How are the credentials for these accounts controlled? What situations would warrant the use of these accounts? What measures are in place to monitor these accounts, and to alert when used? How do these accounts fit into the larger security strategy of the organization? Break glass accounts are critical to ensure your continuity of operations but can become your biggest threats. You must minimize and control access, ensure proper alerting and notifications are in place if they're activated and test those accounts regularly. These accounts must be stored in a physical safe, limited to selected few, requiring at least 2 people, often one with a username and one with the password. Thanks to Evan Brothers and his great hands on article, learn more at:   / building-your-azure-ad-break-glass-emergen...