Password overload syndrome.


I've got password overload syndrome! When I went to see my doctor he quietly admitted it had got him too--as he fumbled to access my notes on-screen. The chap at the pharmacist strangely has it too and neither of them even works in IT! It's all come down to the fact that we all have too many PIN numbers and passwords to remember. Have you ever taken the time to count up how many you use in the course of a day? Have you ever sat in front of your screen and your mind has gone absolutely blank? If you think you've got it bad, what about the IT administrative guy who has got hundreds to memorize, including the ones that give access to the most sensitive parts of the company? He may just resort to sticking them onto a Post-it note, or shoving them into a drawer or onto an Excel spreadsheet or Word document. Hmmm--you can hear those hungry hackers licking their lips at the very thought, and all those aggrieved staff thinking "yippee, this is the way I'll get back at my boss".

The backbone of every enterprise infrastructure is a massive network of servers, network devices, and security and other infrastructure that creates the complex communications network, or nerve centre, of a company. Every day, systems, network and security administrators are logging onto these critical infrastructure points for routine maintenance, repair and application of the most updated security patches. Many of them are running around with "root" and "administrator" privileges, either with their personal user or with their commonly used accounts. And they're losing or forgetting them all the time!

Administrators, like most of us, have the best of intentions, but the more those passwords exchange hands or remain unchanged, the greater the likelihood of a security breach. Also, because administrative passwords frequently need to be shared, there is increased risk that they are just left lying around somewhere. This results in administrative passwords becoming widely known and changed less frequently. Since administrative privileges are required for emergency and disaster recovery scenarios, only a reliable password management policy can guarantee that the correct passwords will be promptly available in these time-sensitive circumstances. It's surprising how many organisations resort to storing passwords simply around the office on spreadsheets and simple databases. A quick penetration test will show just how easy it is to get at these documents. Mismanagement of administrative passwords is a major cause of security breaches and one of the top reasons for long recovery processes from IT failures. The problem would be easy to fix if large organisations didn't demand near-instant access for administrators struggling to keep up with crashes and maintenance, or only employed female administrators. But since this is unlikely to change, companies have to look closely at the way passwords are saved, controlled and managed.

The most effective way to reduce the potential hazards of administrators suffering from "password overload syndrome" is to apply an effective policy, which should at the very least include the following components:

* Centralised administration: Often, different IT groups control different pockets of passwords. It's important to take steps to create a centralised policy, procedures and enforcement mechanism. Otherwise, there is no way to ensure that each business or technical unit is doing its best to protect the keys to the kingdom.

* Secure storage: Administrative passwords should be securely stored in a way that offers strong authentication, granular access control, encryption and auditing to safeguard every password.

* Worldwide secure availability: At the same time, remote access is also critical. With today's distributed enterprises, administrators need access beyond network boundaries, where they can securely access and share passwords from anywhere within or outside the enterprise network.

* A dual-control mechanism: This would require two or more administrators to access passwords to the most sensitive or vulnerable servers.

* Routinely change passwords and track history: In addition to secure storage, the only way to ensure the long-term security of passwords is to alter them routinely.

* Intuitive auditing: As passwords are used, changed or added, organisations will need to audit the whereabouts and use of passwords without poring over log files. Regulatory compliance measures are also driving routine auditing and tracking of access to vital systems.

* Disaster recovery plan: Administrative accounts play a major role in recovering from incidents that range from a simple problem to a full off-site disaster recovery. Look into technologies for automated, safe replication of vital administrative information that can guarantee the availability of those accounts in time of need.

* Provide a "safe haven" or vault within the network where all administrative passwords can be securely archived, transferred and shared among IT staff, on-call administrators, as well as administrators in the field.

My advice to my doctor and pharmacist is keep smiling--it's the best therapy! For those IT guys there is a light and hope at the end of the tunnel--'password overload syndrome' can be beaten with new treatment--it comes down to putting the right measures and products in place for the fog to disappear and a clear conscience to emerge. Once it does, they'll find those passwords are safe and secure, tucked up where no-one else can get to them apart from the guys who need to.

www.cyber-ark.com
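
An added example, not from the original article or from Cyber-Ark: the dual-control, routine-change-with-history and auditing components of the policy list above, implemented as an in-memory Python vault. The class, method, administrator and account names are hypothetical, and authentication and encryption of the stored passwords are assumed to be handled elsewhere.

```python
import secrets
import time

class DualControlVault:
    """Hypothetical in-memory vault; a real one would also encrypt at rest."""

    def __init__(self, approvals_needed=1):
        self.approvals_needed = approvals_needed  # admins besides the requester
        self.current = {}    # account -> current password
        self.history = {}    # account -> [retired passwords, oldest first]
        self.approvals = {}  # (account, requester) -> set of approver names
        self.audit = []      # (timestamp, actor, action, account)

    def _log(self, actor, action, account):
        self.audit.append((time.time(), actor, action, account))

    def _set(self, account, password):
        if account in self.current:  # keep retired values for recovery and audit
            self.history.setdefault(account, []).append(self.current[account])
        self.current[account] = password

    def store(self, actor, account, password):
        self._set(account, password)
        self._log(actor, "store", account)

    def approve(self, approver, account, requester):
        if approver == requester:
            self._log(approver, "self-approval-rejected", account)
            raise PermissionError("requester cannot approve their own request")
        self.approvals.setdefault((account, requester), set()).add(approver)
        self._log(approver, "approve", account)

    def checkout(self, requester, account):
        granted = self.approvals.get((account, requester), set())
        if len(granted) < self.approvals_needed:
            self._log(requester, "checkout-denied", account)
            raise PermissionError("dual control: approval from another admin needed")
        del self.approvals[(account, requester)]  # approvals are single-use
        self._log(requester, "checkout", account)
        return self.current[account]

    def rotate(self, actor, account):
        # Replace the disclosed value; pushing it to the server is out of scope.
        self._set(account, secrets.token_urlsafe(24))
        self._log(actor, "rotate", account)

    def report(self, account):
        # Who did what to one account, without poring over raw log files.
        return [(a, act) for _, a, act, acct in self.audit if acct == account]
```

Denied checkouts and rejected self-approvals are logged as well as successful ones, so the report shows attempts to get around dual control, not only legitimate use.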

Calum MacLeod, Cyber-Ark
COPYRIGHT 2005 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2005, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Title Annotation:Security Viewpoint
Author:MacLeod, Calum
Publication:Software World
Date:Jan 1, 2005
Words:876