In It is no secret now that from all possible threat vectors acting on an organisation, an insider threat is the most potent of them all. It has been proven time and again that a harmless change or mistake can have colossal repercussions. The Ernst & Young 2009 Global Information Security Survey identified that authorised users and employees pose the greatest security threat to an organisation. The 2010 SAPS crime statistics also show that a total of 84,842 white-collar crime cases were reported between April and March 2009/10, marking a 56 per cent increase from 2006.
Most of the access provided to all users in any organisation is typically role-based. However, most organisations forget to consider crucial factors like data classification and data ownerships. And by that logic, a network administrator gets complete access to the network segment that s/he is responsible for. It is the same case when it comes to system and database administrators. Some of the questions that need to be asked here are:
Why should administrators have access to areas in the infrastructure beyond what is required?
For example, in the case of a bank, a database administrator should be able to fire backups and execute the corresponding scripts to get his/her task done. Why should they be able to snoop on the users database and their cell phone numbers? The problem lies with the privileges that the administrator has, to execute his routine tasks.
Can we simply take away these privileges?
The simple answer is no. However; what we need is a watchdog in the infrastructure to make sure that such actions of snooping or privilege abuse are logged and audited.
Why will the existing auditing features in the infrastructure components fail to capture this information?
The existing auditing can be manipulated or even stopped with the right privileges. What this needs is an additional (privileged identity management) layer over the infrastructure in question, which requires authentication and maintains its own authorisation. Hence all administrative users will need to authenticate themselves into this layer using named IDs and not their administrative or super user credentials.
So, what do we do to the administrative or super user credentials?
Since the users are required to login into this layer, the privileged identity management infrastructure will change the administrative and super user credentials to a random password which will not be revealed. The passwords will need to be stored in a vault that is hardened, using an acceptable encryption mechanism.
What are the direct advantages of an effective privileged identity management framework?
- Total accountability for insiders
- Ability to audit suspicious activities
- Ability to respond to these activities
- Prevention of the next crime in your organisation
So if youre asking how much access is too much? While the answer could be subjective, the use of privileged identity management systems takes care of the question simply and effectively.
Dhananjay C Rokde is Global Head, Information Security, Cox & Kings Group.
Add new comment