One of the often overlooked problems in cybersecurity is the internal forces that can wreak havoc on a network. According to a Ponemon study: “55 percent of respondents say their organization had a security incident or data breach due to a malicious or negligent employee.” That’s just from inside the organization.
The question, therefore, is how do you give your staff the tools they need to work, without opening up vulnerabilities to your data? This is particularly important when the cost of an average data breach is $3.62 million. Because of this, we want to share a few thoughts on privilege and how unfettered access can open up a world of problems for your business.
Because Your Data Is Not for Everybody
Privileged access to data should be, well, a privilege. Does someone in your shipping department need access to your CFO’s accounting sheets? Does a salesperson need access to your banking information? Privilege is an employee’s ability to access data or tools through his or her workstation and across your network. Administrators, for example, have total access to anything in that network. For each employee position in your business, what is the level of access that individual has to your company’s data?
In the world of cybersecurity, there’s a concept called the principle of least privilege. This principle calls for the employee (or the position) to have access to only the information and resources needed to complete the job – in other words, the minimum you need to do your work. This highly relevant control is often missing in companies.
Because Hackers Choose the Path of Least Resistance
Hackers are looking for easy access. Leave the road less traveled to the poets. When a system has open access, the least-secure workstation or one careless mistake can spread to your entire network. One attack on one computer could be limited based on access. But if admin privileges are given, the attack broadens quickly.
From the Microsoft Windows Security Resource Kit:
“For example, examine the consequences of a network administrator unwittingly opening an email attachment that launches a virus. If the administrator is logged on using the domain Administrator account, the virus will have Administrator privileges on all computers in the domain and thus unrestricted access to nearly all data on the network. If the administrator is logged on using a local Administrator account, the virus will have Administrator privileges on the local computer and thus would be able to access any data on the computer and install malicious software such as key-stroke logging software on the computer. If the administrator is logged on using a normal user account, the virus will have access only to the administrator’s data and will not be able to install malicious software. By using the least privileges necessary to read email, in this example, the potential scope of the compromise is greatly reduced.”
In an environment that is not practicing the principle of least privilege, the smallest error could have dire consequences. Why carry the risk when a few identity management protocols could eliminate the vulnerability while still allowing access to all the information needed to get the job done?
Because Role-Based Attributes Mean Higher Cybersecurity
At the enterprise level, you find limited access across the board. This is because enterprises have the IT staff to give them that higher level of security. For others, however, implementing a limited-access program can be complicated, because roles are often not defined by their data-access privileges.
A good identity management system helps you determine these roles and what attributes help define them. Whether it’s in the network’s Active Directory, on servers, on workstations or on any variety of business applications, identity management helps you keep your system on lockdown.
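To make the ideas above concrete, here is an added example (not code from the article or from any product it mentions) of a small role-based access model. It ties together the definition of least privilege, the quoted scenario of an administrator reading email as domain Administrator versus as a normal user, and the idea of defining roles by their data-access attributes. All role names, resources, user names and the staff list are constructed for illustration; `can` is the authorization decision, `blast_radius` shows what a compromised session exposes, and `wildcard_holders` is the audit check that finds accounts with unrestricted access.

```python
# Added example (not from the article): a minimal role-based access model that
# makes least privilege and the "blast radius" of a compromised account concrete.
# Role names, resources and users below are constructed sample data.
from dataclasses import dataclass


@dataclass(frozen=True)
class Permission:
    action: str    # "read" or "write"; write implies read
    resource: str  # a data set, or "*" for unrestricted (admin) access


# Constructed role catalogue: each role lists only what that job needs.
ROLES = {
    "staff":          {Permission("read", "intranet/announcements")},
    "shipping-clerk": {Permission("write", "logistics/shipments")},
    "sales-rep":      {Permission("write", "crm/accounts")},
    "cfo":            {Permission("write", "finance/accounting-sheets"),
                       Permission("read", "finance/banking")},
    # Deliberately unrestricted: the kind of role the article warns about.
    "domain-admin":   {Permission("write", "*")},
}

# Every data set in the constructed environment, used to expand "*".
ALL_RESOURCES = frozenset({"intranet/announcements", "logistics/shipments",
                           "crm/accounts", "finance/accounting-sheets",
                           "finance/banking", "hr/payroll"})


@dataclass
class User:
    name: str
    roles: frozenset = frozenset()


def permissions_for(user):
    """Union of the permissions granted by all of a user's roles."""
    perms = set()
    for role in user.roles:
        perms |= ROLES[role]
    return perms


def can(user, action, resource):
    """Authorization decision: allowed only if some role grants it."""
    for p in permissions_for(user):
        if p.resource not in ("*", resource):
            continue
        if p.action == action or (p.action == "write" and action == "read"):
            return True
    return False


def blast_radius(user):
    """Data sets an attacker inherits by compromising this user's session."""
    reachable = set()
    for p in permissions_for(user):
        if p.resource == "*":
            return set(ALL_RESOURCES)
        reachable.add(p.resource)
    return reachable


def wildcard_holders(users):
    """Audit check: names of accounts whose roles grant unrestricted access."""
    return sorted(u.name for u in users
                  if any(p.resource == "*" for p in permissions_for(u)))


def sample_users():
    """Constructed staff list, including the same admin under two accounts."""
    return {
        "pat":  User("pat", frozenset({"shipping-clerk"})),
        "sam":  User("sam", frozenset({"sales-rep"})),
        "kim":  User("kim", frozenset({"cfo"})),
        # The administrator reading email while logged on as domain admin...
        "alex": User("alex", frozenset({"domain-admin"})),
        # ...versus the same person using an ordinary account for email.
        "alex-mail": User("alex-mail", frozenset({"staff"})),
    }


if __name__ == "__main__":
    users = sample_users()
    print("pat reads accounting sheets:",
          can(users["pat"], "read", "finance/accounting-sheets"))
    for name in ("pat", "alex", "alex-mail"):
        exposed = len(blast_radius(users[name]))
        print(f"{name}: {exposed} of {len(ALL_RESOURCES)} data sets exposed")
    print("unrestricted accounts:", wildcard_holders(users.values()))
```

Running the script shows the shipping clerk confined to one data set, the domain-admin session exposing all six, and the same administrator's ordinary account exposing only one, which is the reduction in scope the quoted passage describes. The `wildcard_holders` list is the kind of report an identity management review would start from: every name on it is a candidate for a narrower role.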