Least Privilege Reduces Breach Impact
The principle of least privilege says that user accounts should be provisioned with the minimum level of permissions required to complete job responsibilities. The majority of an organization’s employees do not require administrator-level access, and providing this unnecessarily increases the potential impact of a data breach. Users that do require this level of access, such as system and network administrators, should use an account with restricted permissions for everyday tasks such as checking email, and only use administrator-level access for tasks where it is absolutely necessary.
By limiting privilege levels on user accounts, an organization minimizes the potential impact of a data breach; 74% of data breaches involve a privileged account. By reducing the probability that a privileged account will become compromised via phishing, credential stuffing, or similar attacks, an organization forces a potential attacker to use privilege escalation tools to gain the level of access required to achieve their objectives. These techniques can be more easily detected, enabling the organization to respond before a breach occurs.
Enabling Secure Telework with Privilege Management
As organizations consider extended or permanent support for telework programs in the wake of COVID-19, proper management of privileges for user accounts is more important than ever. Teleworkers are exposed to a number of risks that do not exist for on-site employees and are more likely to unintentionally enable a data breach.
For example, a teleworker is more likely to download sensitive data to their computer in order to avoid delays associated with the virtual private network (VPN) infrastructure. This downloaded data is no longer protected by an organization’s deployed security solutions and is subsequently more vulnerable to exfiltration.
With a remote workforce, an organization needs to balance system usability with system security. If teleworkers cannot perform core job functions, the productivity of the business suffers. On the other hand, a breach of sensitive and protected user data can cause both a loss of productivity and significant costs associated with remediation efforts and legal and regulatory penalties.
By implementing least privilege for user accounts, an organization can balance the need for usability and security. For daily, non-risky activities, an organization can configure user accounts to have high usability, including support for extended sessions and easy reauthentication. However, for more risky activities, such as database access or anything requiring administrator-level access, additional security controls can be put in place, such as faster idle session timeouts and stricter authentication requirements. By doing so, an organization can decrease the probability that an account is compromised and limit the window in which an attacker can perform malicious activities.