Attivo Networks Blogs

Seven Steps to Secure Privileged Access

SC media logo

Gartner released the first-ever Magic Quadrant for Privileged Access Management,1 shining a spotlight on what may be the largest security vulnerability enterprises face today.

Privileged accounts, credentials and secrets are “the keys to the kingdom” and they exist everywhere —on-premises, in the cloud, across DevOps environments and on endpoints. Attackers know this, which is why a majority of the most destructive cyber attacks of this decade exploited privileged access.

According to Gartner, privileged account management is the number one security project CISOs out of the company’s top security projects for 2018.2 If privilege is part of your strategic security priorities, here are seven steps to drive down the risk associated with unprotected privileged access:

  1. Eliminate Network Takeovers: Attackers that gain access to domain controllers can take over your network and cause long term damage. Privileged credentials associated with these assets should be moved to a centralized and automated PAM system with MFA to protect it.
  2. Control and Secure Infrastructure Accounts: Privileged credentials in on-premised and cloud infrastructure accounts are some of the riskiest in any organization, from server admin to database instance accounts, these credentials should be vaulted with passwords automatically rotated periodically and after every use.
  3. Limit Lateral Movement: Lateral movement is critical to advance attacks – this is when attackers study your infrastructure and find its weak spots. To limit attackers’ movement, remove local admin rights on IT Windows workstations to stop credential theft.
  4. Block the Third Party Backdoor: Attackers attack third-party vendors and supply chain partners as a way to infiltrate target organizations. To minimize risk, it’s important to vault all privileged credentials used by third-party applications and vendors and to rotate credentials frequently.


Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

5 × three =

Ready to find out what’s lurking in your network?

Scroll to Top