Least privilege and separation of duties are two related IT security concepts that are critical in the prevention of fraud and other abuses by employees and other authorized system users. The two principles are part of the broader topic of access control, which addresses how user permissions are restricted to help ensure a secure environment.

The list of ways that authorized users can cause mischief, known as insider threats, is sobering. The crimes include fraud, stealing of company secrets, system sabotage and espionage. The State of Cybercrime Survey from Carnegie Mellon University’s CERT Division found that 1 in 5 cyber attacks come from insiders. More important, almost half (43%) of survey respondents said that insider attacks were more costly or damaging than outsider attacks.

The principle of least privilege says that an individual should be given the bare minimum access needed to perform their job functions. Consider a budget analyst who needs to review payroll information to complete a quarterly report. The analyst never needs to make any updates to the payroll data. That employee should have read-only privileges to payroll.

Least privilege is a principle that is applied to both data and system functions. When we think of data privileges, we are typically thinking of the ability to view information (read) and to change information (write), as well as creating and deleting records and files.

In today’s networks, users access data in many different ways. Some information is stored in files and folders on network drives, with permissions set by system administrators using the operating system tools. Some information will be stored in content management and sharing systems that might have similar functionality to network drives, but permissions are managed using administrative tools provided by the management system itself. Much of an organization’s data is likely to be managed and accessed through software interfaces, such as an accounting or inventory management program. Most organizations use many different programs from a variety of vendors. Each program will have its own security model. One program might enable privileges to be set on individual fields, while another might have privileges set on a screen-by-screen or module basis. In the worst case, a program will offer little or no security and other measures will be required to ensure data integrity.

When we think of system privileges, we are generally talking about activities such as logging in to computers and networks, starting programs, and installing software and hardware. These activities open significant threat vectors, and least privilege should be applied whenever possible. The opening of a system-level threat might be unintentional on the part of the employee. For example, an employee with privileges to install software on their company-issued laptop could easily introduce malware to the network. If there is no legitimate business need for the employee to have such privileges, such risk cannot be justified.

There are a handful of additional important terms and concepts associated with least privilege. Entitlement is a term used to refer to both the process of granting users privileges and the scope of those privileges. Privilege creep, or aggregation, refers to the tendency of users to accumulate privileges over time. Users may gain privileges as job duties change or as they transition to new roles. While not a problem in and of itself, privilege creep can result in users having access to resources they no longer need, which would then violate the principle of least privilege.
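One way to catch privilege creep is a periodic entitlement review that compares each user's granted privileges with the minimum set for their current role and sets aside grants that have a documented business need. The following is an added example, not code from the original article; the role names, users, privilege strings and the exception list are all constructed for illustration.

```python
# Added example: entitlement review that flags privilege creep.
# All roles, users and privilege names below are constructed sample data.

ROLE_BASELINE = {  # minimum privileges each role needs
    "budget_analyst": {"payroll:read", "budget:read", "budget:write"},
    "payroll_clerk": {"payroll:read", "payroll:write"},
}

# Grants outside the baseline that have a documented business need.
APPROVED_EXCEPTIONS = {("casey", "budget:read"): "quarter-end reconciliation"}

USERS = [
    {"user": "avery", "role": "budget_analyst",
     "granted": {"payroll:read", "budget:read", "budget:write"}},
    # Moved from payroll_clerk to budget_analyst; payroll:write was never revoked.
    {"user": "blake", "role": "budget_analyst",
     "granted": {"payroll:read", "payroll:write", "budget:read", "budget:write"}},
    {"user": "casey", "role": "payroll_clerk",
     "granted": {"payroll:read", "payroll:write", "budget:read",
                 "laptop:install_software"}},
    {"user": "devon", "role": "contractor", "granted": {"payroll:read"}},
]


def review_entitlements(users, baseline, exceptions):
    """Return {user: sorted privileges to revoke} for every user with excess."""
    findings = {}
    for rec in users:
        # A role with no baseline justifies nothing, so every grant is excess.
        allowed = baseline.get(rec["role"], set())
        excess = {p for p in rec["granted"] - allowed
                  if (rec["user"], p) not in exceptions}
        if excess:
            findings[rec["user"]] = sorted(excess)
    return findings


if __name__ == "__main__":
    for user, privs in review_entitlements(
            USERS, ROLE_BASELINE, APPROVED_EXCEPTIONS).items():
        print(f"{user}: revoke {', '.join(privs)}")
```

The budget analyst who kept write access to payroll after a role change is reported, while the analyst with read-only payroll access is not.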