Locking down privileged accounts is a basic security tenet and a priority for servers. Unfortunately, in many organizations the same level of concern and control is rarely applied to workstations. Yet for many years, individual desktops/laptops have contained as much sensitive information as servers. As such these systems are a prime target for threat actors, especially Microsoft® Windows® workstations, given their broad use within businesses.
Think about what’s on the laptops of the CEO, the HR director, the software architect, or the CFO in any given organization. This may be information that doesn’t make it to servers, yet is extremely sensitive and potentially as valuable to a threat actor as data on a file or database server.
For attackers, the path of least resistance in many organizations is the overuse of accounts with broad and deep privileges on Windows workstations. The unfortunate reality is that workstation security too often focuses solely on the threat of malware and viruses but ignores the simple threat of unsecured privileged user accounts.
Read this white paper to learn how to mitigate these risks.