Deploy Privileged Access Management Technology
Privileged access management (PAM) technology is an even safer way to handle administrative access to systems. PAM technology allows IT professionals to temporarily gain administrative access when they need it and then immediately revokes that access when it is no longer required. PAM also includes advanced monitoring capabilities that track the actions of administrators, watching carefully for signs of malicious activity or potential account compromises.
Deploying PAM on a university network is often a significant undertaking due to the breadth of systems managed by the IT team. Institutions may wish to consider prioritizing their most sensitive systems and limiting their initial deployment of a PAM solution to the areas where it will reduce the most risk.
FIND OUT: How IT can use Intel vPro to help remote management.
Automate Routine Administrative IT Tasks
People make mistakes. Even the most careful IT professional occasionally makes an errant click of the mouse or mangles an account ID. If that mistake is made while granting a user access, configuring a firewall or conducting some other sensitive security activity, the mistake may open a vulnerability that allows an intruder into a university’s technology environment.
Most IT organizations these days are pursuing automation efforts in the hope of reducing the burden on their already overworked teams. These automation efforts can also reduce the likelihood of critical errors by allowing algorithms to handle repetitive tasks in which a human might make an error.
As university technology teams deploy automation capabilities, they should look for opportunities to include critical administrative IT tasks in those projects.
DISCOVER: 5 questions to ask when evaluating cybersecurity assessments.
Educate IT Professionals About Their Responsibilities
Technologists are, generally speaking, a confident bunch. They possess advanced technical skills and are proud of the value that they bring to organizations. This attitude, however, can sometimes lead to situations where technologists cut corners to save time or have unwarranted confidence in their abilities.
Technology leaders should ensure that every IT professional in the organization understands his or her job duties as well as the security responsibilities associated with those duties. Leaders should also work to build a culture where technologists know that they’re not expected to have all the answers at their fingertips and that they can ask teammates for help when they need it.
IT professionals are among a university’s most trusted employees, and errors they make can have devastating consequences. Technology and cybersecurity leaders should take preventive steps now to reduce the likelihood and impact of serious errors.