Non-human identities pose security risks for enterprises

No Comments

Non-human identities (NHIs) refer to things like API keys, service accounts, system accounts, OAuth tokens. You may not give them too much thought, but a new report from Silverfort looks at the impact they have on an organization's cybersecurity.

Active Directory service accounts -- used for machine-to-machine communication within Microsoft’s Active Directory's (AD) environments -- are the most common and regularly compromised NHIs.

Compromised accounts of this type maybe even more of a risk than human-owned ones since typically they have privileged access to sensitive machines, effectively making them admin accounts. On average, around a third of users within AD are service accounts and in smaller organizations it may be as many as half.

The study, of over 600 people responsible for identity in enterprises with over 1,000 employees, finds that on average, 30 percent of a company's user accounts are service accounts, However, only 5.7 percent of organizations have full visibility into their service accounts, leaving a huge percentage of organizations with unknown non-human identities. 80 percent of organizations say they're unable to prevent the misuse of service accounts in real time due to sporadic or absent visibility and security.

In addition 46 percent of service accounts regularly use a weak authentication protocol (NTLM), leaving them open to credential theft and abuse. Also 78 percent of organizations aren't confident they can stop an attacker performing lateral movement with compromised credentials.

The report concludes, "NHIs make up a significant portion of an organization’s total identities. The volume of NHIs will continue to climb as we accelerate the pace of automation, innovation, and the great amplifier -- artificial intelligence. Today, we analyzed a single type of NHI used at the typical organization, but it's not hard to imagine a slew of similar results if we expanded our scope and applied the analysis to other types of NHIs regularly used at organizations globally. The compromise of a single NHI service account could give attackers access to multiple resources, making it an ideal target for attackers -- sophisticated or not. And they'll rarely face much resistance, as standard security controls like traditional MFA can typically only protect human identities."

You can read more on the Silverfort blog.

Image credit: BiancoBlue/depositphotos.com

No Comments
Got News? Contact Us

Recent Headlines

Save $24! Get 'The Code of Honor: Embracing Ethics in Cybersecurity' for FREE

Log files: What are they, why do they matter and how to protect them?

Meta reveals more details of WhatsApp and Messenger's interoperability with third-party messaging services that's coming to Europe soon

Microsoft builds on past Windows 11 taskbar improvements with enhanced app pinning

Ubuntu Linux 24.10 codenamed ‘Oracular Oriole’ takes flight with mystical inspiration

KDE Slimbook Plasma VI brings AMD Ryzen power and AI to Linux laptop with 96GB RAM and 83wh battery

Is your network future-proofed for the age of AI?

Most Commented Stories

Forget Windows 11, the stunning Windows 10 2024 Edition is the operating system you want

34 Comments

10 shocking reasons Windows 10 outshines Windows 11

22 Comments

Rectify11 update arrives to fix Windows 11 -- download it now

18 Comments

Microsoft is testing a change to the Windows 11 Start menu that you might actually like

14 Comments

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.6.1

14 Comments

Forget TeamViewer, RustDesk is the open-source alternative you've been looking for

13 Comments

Forget Microsoft Windows 11, the Chinese-made deepin Linux 23 is the operating system you really want

12 Comments

Goodbye Windows 11, hello Linux: Discover how ExTiX Deepin 24.8 can free your computer from Microsoft

11 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.