by Remediant, on Apr 25, 2019
The National Cybersecurity Center of Excellence (NCCoE) is just out with a draft of its NIST Special Publication 1800-18 Privileged Account Management for the Financial Services Sector. Remediant was honored to be among the few companies NCCoE tapped to help draft the new guidelines. But the benefits will extend to the entire financial services industry. Let’s take a look at five big reasons this is the case:
The guidelines tackle the top criminal tactic in one of the most highly targeted industries
Stolen administrator credentials remain the #1 way organizations get breached. That’s a problem for any company, since privileged accounts provide elevated, often unrestricted, access to an organization’s underlying information systems and technology. Unfortunately, the rich payday from successful exfiltration of financial assets and data makes PAM credentials in financial services pretty much the Holy Grail of cyber targets. Enter NIST NCCoE’s SP 1800-18 — a best practices guide tailor-made for PAM security in financial services.
The recommendations were developed using sector-specific risk assessments
Remediant worked collaboratively with NIST NCCoE and numerous financial institutions and the Financial Sector Information Sharing and Analysis Center to identify the most-compelling risk factors encountered by this business group. We participated in conferences and met with members of the financial sector to define the main security risks to business operations. These discussions gave us a detailed understanding of strategic mission risks for such organizations. That means our guidelines are as relevant, specific and effective as possible for PAM challenges in that industry.
SP 1800-18 addresses both the “how” and “why” around PAM solutions for the sector
Unlike some existing guidance that provides general reasoning and frameworks for better PAM solutions, NIST NCCoE SP 1800-18 shares specific guidance to illustrate exactly how organizations should monitor, audit, control and manage privileged account usage in financial services. The practice guide includes reference architectures and specific use cases around the actual products and choices a company may be dealing with — including application layer PAM, organization infrastructure PAM and SIEM tools.
The guidelines are tied to JITA and other real-world PAM environments
Guidelines aren’t much good if they don’t align to how companies actually use a technology. There are a number of use cases explored in the 1800-18 guide, including the legacy approach of using password vaults. But when it comes to admin rights, many financial services companies opt for the just-in-time administration (JITA) approach to applying administrative rights to users on a real-time, as-needed basis. Thankfully, NIST NCCoE includes practical, lab-tested use cases describing how organizations actually use PAM products in JITA and other real-world applications.
SP 1800-18 includes step-by step deployment recommendations
NIST NCCoE SP 1800-18 not only shares reference architectures and real-world use cases, but also a series of operational steps and security best practices — laid out in detail for practitioners to follow. These deployment recommendations are optimized for financial services implementations and include protocols for patching, hardening, scanning and testing systems — as well as security best practices around configuring firewalls, applying encryption mechanisms, sub-networking reference design capabilities from the production network and related steps.
Ultimately we’ll see these guidelines benefit the entire financial services sector and its numerous technology vendors. That’s because — as everyone becomes better able to control, monitor, log and manage the use of privileged accounts — we’ll see financial services organizations strike a better security posture to address specific challenges that companies face every day in their business operations.