Managing Elevated Privileges in the Enterprise Environment

Presented at NolaCon 2015, June 12, 2015, 2 p.m. (Unknown duration)

I'm sure that we've all experienced the chaos that a user with Administrative privileges can cause. Preventing or limiting damage, regardless of the severity, is paramount to the continued long-term survival of any organization. In this talk, I will identify some of the challenges that you are likely to face from your user community when implementing least privilege. I will also demonstrate how to identify and eliminate some types of application dependencies on privilege requirements. In a culmination of these ideas, I will show one method currently being used to automate the management and tracking of elevated privileges in a real-world environment through a variety of tools and scripts. The benefits of removing Administrative privileges far outweigh the risks, but a complete analysis of the environment and discovery of dependencies needs to be performed to help facilitate the planning and preparation of the deployment.

Presenters:

• Erik Burgess
  Erik has been working in the Information Technology industry for the past twenty years, while primarily focusing on security for the past ten years. He has a diverse background, which includes work in a variety of industries and the Government sectors, which have all contributed to his vast knowledge and skill sets. Erik has a CISSP, some other certifications, and a Masters of Science in Information Assurance.

Links:

• https://nolacon.com/talk/asdfasdf

Similar Presentations:

• RomHack 2018 / "whoami /priv" - show me your Windows privileges and I will lead you to SYSTEM
• 31C3 (2014) / The Invisible Committee Returns with "Fuck Off Google": Cybernetics, Anti-Terrorism, and the ongoing case against the Tarnac 10
• DeepSec 2015 „DeepSec No. 9“ / Have We Penetrated Yet??