Privileged user management trips up NSA – TechTarget

A recently declassified report revealed the U.S. National Security Agency failed to fully secure its systems since the Edward Snowden leaks in 2013.

The report detailed the findings of the Department of Defense inspector general's 2016 assessment of the NSA's security efforts around privileged user management. The heavily redacted report was declassified after Charlie Savage, a Washington correspondent for The New York Times, filed a Freedom of Information Act lawsuit. The assessment looked at how the NSA handles privileged access management, and, according to the report, the NSA was found wanting.

After Edward Snowden leaked over a million files in 2013, the NSA began an initiative, dubbed Secure the Net (STN), with seven privileged user management goals. The inspector general's assessment found that the NSA met only four out of the seven goals: developing and documenting a plan for a new system administration model; assessing the number of system administrators across the enterprise; implementing two-factor access controls over data centers and machine rooms; and implementing two-factor authentication controls for system administration.

According to the report, dated Aug. 29, 2016, not all of the four privileged user management initiatives were fully met. "[The] NSA did not have guidance concerning key management and did not consistently secure server racks and other sensitive equipment in the data centers and machine rooms in accordance with the initiative requirements and policies, and did not extend two-stage authentication controls to all high-risk users," the report read.

Additionally, the assessment found that three of the seven STN initiatives for strong privileged user management were not accomplished. The NSA was supposed to "fully implement technology to oversee privileged user activities; effectively reduce the number of privileged access users; and effectively reduce the number of authorized data transfer agents."

There were 40 STN initiatives in total, though the assessment focused on the seven related to privileged access management. The conclusion reached in the assessment was, while the NSA was successful in part, it "did not fully address all the specifics of the recommendations."

Learn everything you need to know about privileged access management in the enterprise

Find out how to manage and monitor privileged user accounts

Test your privileged user management knowledge with this quiz

Visit link:

Privileged user management trips up NSA - TechTarget

WikiLeaks' Julian Assange: NSA critics got lucky because agency had no PR strategy - April 26th, 2014 [April 26th, 2014]
National Speakers Association New Jersey Chapter NSA - April 26th, 2014 [April 26th, 2014]
National Security Agency - Wikipedia, the free encyclopedia - April 26th, 2014 [April 26th, 2014]
NSA - Satu Hari Di Bulan Juni (TULUS) (COVER) - Video - April 26th, 2014 [April 26th, 2014]
Hong Kong: Protesters blow whistles for NSA whistle blower - Video - April 26th, 2014 [April 26th, 2014]
An Inside Look at the NSA With Whistleblower William Binney (Part 2 of 2) - Video - April 26th, 2014 [April 26th, 2014]
UK: China will offer fig leaves to US exposed by NSA leaker - Assange - Video - April 26th, 2014 [April 26th, 2014]
NSA ~ (Autodidactism) Whistleblowing - Video - April 27th, 2014 [April 27th, 2014]
Dropping #NSA Knowledge Like a Clumsy Librarian - Video - April 27th, 2014 [April 27th, 2014]
Full Show: Disband The NSA or; Corruption in the Capitol FO SHIZZLE {aTV002} - Video - April 27th, 2014 [April 27th, 2014]
NSA DOCUMENTARY SIX YEARS BEFORE SNOWDEN - Video - April 27th, 2014 [April 27th, 2014]
ShmooCon 2014: The NSA: Capabilities and Countermeasures - Video - April 27th, 2014 [April 27th, 2014]
NSA Knew Of Heartbleed Bug, Refused To Protect Americans - Video - April 27th, 2014 [April 27th, 2014]
Former NSA Head To Become Columnist For Conservative Paper To Discuss Intelligence - Video - April 27th, 2014 [April 27th, 2014]
An Inside Look at the NSA With Whistleblower William Binney (Part 1 of 2) - Video - April 27th, 2014 [April 27th, 2014]
Keynote Address by Shri Shivshankar Menon, NSA at International Seminar on Kautilya - Video - April 27th, 2014 [April 27th, 2014]
NSA Wiretapping: A 4th Amendment Violation?: Blake Norvell at TEDxSMU - Video - April 27th, 2014 [April 27th, 2014]
Hang with Rand: Email Privacy, NSA Spying, and Defending Our Civil Liberties - Video - April 27th, 2014 [April 27th, 2014]
NSA Surveillance and What To Do About It - Bruce Schneier - Video - April 27th, 2014 [April 27th, 2014]
READER SUBMITTED: NSA CT April 2014 Meeting - April 28th, 2014 [April 28th, 2014]
MVI 1847 Obama's NSA Denies FOIA About MH 370! - Video - April 28th, 2014 [April 28th, 2014]
George Galloway's Sputnik: Ewen MacAskill on Guardian / Edward Snowden NSA leaks (26Apr14) - Video - April 28th, 2014 [April 28th, 2014]
CIA & NSA DIRECTED ENERGY WEAPON ATTACK ON WHISTLE BLOWER - Video - April 28th, 2014 [April 28th, 2014]
Book TV - 2014 San Antonio Book Festival: Panel on the NSA, Big Brother, and Democracy - Video - April 28th, 2014 [April 28th, 2014]
NSA Throwdown: John Oliver v. 60 Minutes - April 29th, 2014 [April 29th, 2014]
NSA will sit on security vulnerabilities because of terrorism - April 29th, 2014 [April 29th, 2014]
New water records show NSA Utah Data Center likely behind schedule - April 29th, 2014 [April 29th, 2014]
MVI 1871 NSA Might Be OnTo Me! - Video - April 29th, 2014 [April 29th, 2014]
ZyXEL NSA 325 v2 Hands On - Deutsch / German notebooksbilliger.de - Video - April 29th, 2014 [April 29th, 2014]
German opposition says US should destroy Merkel's NSA file - Video - April 29th, 2014 [April 29th, 2014]
Germany: NSA spying "unacceptable" says SPD - Video - April 29th, 2014 [April 29th, 2014]
NSA Surveillance 2 - Video - April 29th, 2014 [April 29th, 2014]
NSA Surveillance Panel 1 - Video - April 29th, 2014 [April 29th, 2014]
Chalk Talk How Snowden Breached NSA Security - Video - April 29th, 2014 [April 29th, 2014]
NSA reveals some cyber security flaws are left secret - April 30th, 2014 [April 30th, 2014]
NSA data center uses less water than expected - April 30th, 2014 [April 30th, 2014]
April 2014 Breaking News Do you use Google or Yahoo? NSA Intercepts Google And Yahoo Traffic - Video - April 30th, 2014 [April 30th, 2014]
Supreme Court could weigh in on NSA case, justice says - May 1st, 2014 [May 1st, 2014]
New NSA chief: Agency has lost trust - May 1st, 2014 [May 1st, 2014]
NSA on Heartbleed: 'We're not legally allowed to lie to you' - May 1st, 2014 [May 1st, 2014]
What's The NSA Doing Now? Training More Cyberwarriors - May 1st, 2014 [May 1st, 2014]
Anonymous NSA - Video - May 1st, 2014 [May 1st, 2014]
Cutting off H2O to the NSA - Video - May 1st, 2014 [May 1st, 2014]
Brazil: Greenwald slams US media, shares tips to avoid NSA - Video - May 1st, 2014 [May 1st, 2014]
NSA IS TRYINGG 2 KILL ME FAMS - Video - May 1st, 2014 [May 1st, 2014]
What was more popular on Twitter, NSA, NRA or NBA..today? - Video - May 1st, 2014 [May 1st, 2014]
CIS111: NSA Uncovered - Video - May 1st, 2014 [May 1st, 2014]
Views from the Street on NSA Activities and Liberty (6/6) - Video - May 1st, 2014 [May 1st, 2014]
Views from the Street on NSA Activities and Liberty (4/6) - Video - May 1st, 2014 [May 1st, 2014]
Views from the Street on NSA Activities and Liberty (3/6) - Video - May 1st, 2014 [May 1st, 2014]
Views from the Street on NSA Activities and Liberty (2/6) - Video - May 1st, 2014 [May 1st, 2014]
Views from the Street on NSA Activities and Liberty (1/6) - Video - May 1st, 2014 [May 1st, 2014]
Germany: NSA may have accidentally outed secret base - Video - May 1st, 2014 [May 1st, 2014]
ZyXEL NSA 325 v2 Installations-Wizard - Deutsch / German notebooksbilliger.de - Video - May 1st, 2014 [May 1st, 2014]
Tech firms to increase alerts about police requests for data -- report - May 2nd, 2014 [May 2nd, 2014]
German Chancellor Angela Merkel visits US, after the NSA eavesdropping scandal - Video - May 2nd, 2014 [May 2nd, 2014]
NSA spies on more US citizens than Russians Snowden - May 3rd, 2014 [May 3rd, 2014]
THE NEXT NSA?Police under scrutiny for using spying technology - May 3rd, 2014 [May 3rd, 2014]
Ukraine and NSA will test Merkel - Video - May 3rd, 2014 [May 3rd, 2014]
The Latest Attacks On NSA Whistleblower Edward Snowden - Kevin Gosztola Discusses - Video - May 3rd, 2014 [May 3rd, 2014]
Still Report #246 - NSA Classifies MH370 Material - Video - May 4th, 2014 [May 4th, 2014]
Code Talker Induction into NSA Hall of Honor - Video - May 4th, 2014 [May 4th, 2014]
NSA ( National Security Agency ) refusal to release documents on UFO's - Video - May 4th, 2014 [May 4th, 2014]
Obama & NSA Refuse FOIA Request on Malaysia Flight deemed classified - Video - May 4th, 2014 [May 4th, 2014]
Kafkawinstons World`s Channel Terminated NSA is replacing Channel`s with Sockpuppet Channel`s - Video - May 4th, 2014 [May 4th, 2014]
NSA Volunteer Justin Hall at the NSA Comedy Tour February 2014 - Video - May 4th, 2014 [May 4th, 2014]
Barack Obama on NSA Surveillance I'd Be Concerned Too If I Wasn't in Government - Video - May 4th, 2014 [May 4th, 2014]
GBPPR Vision #26: Overview of the NSA's TAWDRYYARD Radar Retro-Reflector - Video - May 4th, 2014 [May 4th, 2014]
NSA proof phone Case - Video - May 5th, 2014 [May 5th, 2014]
2014 NSA 2014 Million Dollar Publisher's Lab - Video - May 5th, 2014 [May 5th, 2014]
Gen. Michael Hayden - the Former Director of NSA and the CIA - Video - May 5th, 2014 [May 5th, 2014]
REVEALED: Here's The Solution To That Encoded NSA Puzzle Tweet - May 5th, 2014 [May 5th, 2014]
Michael Hayden's Unwitting Case Against Secret Surveillance - May 5th, 2014 [May 5th, 2014]
NSA's Encrypted Tweet: We're Hiring Code Breakers - May 5th, 2014 [May 5th, 2014]
Russ Tice: Life as a NSA Whistleblower - Video - May 5th, 2014 [May 5th, 2014]
What Is Going on at NSA These Days - Video - May 5th, 2014 [May 5th, 2014]
What is the Role of the NSA? AFF Dallas Debates - Video - May 5th, 2014 [May 5th, 2014]
Edward Snowden said CIA , and NSA had 52. 6 Billion for black budget - Video - May 5th, 2014 [May 5th, 2014]
NSA looks to appeal to young cryptographers through coded ads - May 6th, 2014 [May 6th, 2014]
Code Cracked: Mysterious NSA Tweet Is Decrypted in Seconds - May 6th, 2014 [May 6th, 2014]