Delinea Reduces Risk Of Lateral Movement In Cybersecurity Breaches
Delinea has announced the latest version of Cloud Suite, part of its Server PAM solution, which provides privileged access to and authorisation for servers. Updates include more granular support for just-in-time (JIT) and just-enough privilege access automation, and improved identity assurance through enforced human interaction when prompted for multi-factor authentication (MFA) at server log-in or privilege elevation.
A 30-day study conducted by VMware revealed that almost 45% of intrusions also included a lateral movement event. The most common MITRE ATT&CK techniques associated with lateral movement were Samba/Windows Admin Shares, Pass the Hash, SSH, and RDP. The best defenses against these techniques include limiting the standing privilege for enterprise identities and presenting users with additional challenges that validate their identity when accessing and granting elevated privileges on servers containing critical business data. Implementing just-in-time and just-enough privileges can prevent bad actors from executing damaging commands using the abovementioned techniques.
Authentication and authorisation work together to limit lateral movement
Recent updates to Cloud Suite’s privilege elevation controls allow administrators to request specific commands or sets of commands from within the interface when accessing local or cloud-hosted servers. Policies can be set up to automate just-in-time and just-enough privilege scenarios, reducing the risk related to standing privileges and aligning with Zero Trust best practices.
Additionally, enhancements to the MFA enforcement functionality in Cloud Suite now involve additional requirements for human interaction to authenticate and cannot be bypassed through automation.
“The ability to limit standing privileges at the host level and enforce authentication at server login and at privilege elevation is unique to Delinea,” said Phil Calvin, Chief Product Officer at Delinea. “We continue to refine and focus our solutions with the most current and modern privileged access best practices, helping our customers reduce the risk and impact of cyberattacks.”
Additional updates in this release include support for FastSQL, further improving the performance, security, and scalability of Cloud Suite.