The idea of Least Privilege has been floating around for many years now, and most IT/Security teams are well versed in why it is important and what it takes to implement. However, recent data breaches suggest that simple least privilege principles are not followed by a significant proportion of organizations.
If you want your data to be secure, you need to have implemented a strict least privilege model. The volume of data generated can sometimes make this an issue. But this is no excuse. So, in this article, we will go through just what the principle of least privilege (PoLP) is, why it’s important and give some tips on how to get it right.
What is the Principle of Least Privilege and Why is It Important?
First off, we should start with a brief explanation of PoLP for the uninitiated. The general definition of least privilege is making sure that each employee, whether that is the CEO or the newest junior hire, has the minimum permissions required for them to perform their job effectively. They should have just enough to allow them to make decisions and run applications, for example, but not so much that they are able to abuse security controls or access things they shouldn’t be able to.
It may sound simple on paper, but many organizations struggle with implementing it for a number of reasons. Namely, data is being generated at a monumental scale, and a lot of companies haven’t yet got to grips with how to identify which users require access to certain data. Over-privileged users are often the primary reason for accidental or malicious insider threats and they are, in many cases, the primary target of hackers looking to gain privileged access.
How Have Organizations Failed in the Past at Implementing PoLP?
When organizations have tried to implement PoLP in the past, the general practice was to go overboard to ensure that privilege abuse wasn’t possible. Unfortunately, this led to many organizations turning everything off, including local administrator accounts, even making many of their important employees simple standard users. Standard users in most environments can’t even perform basic functions, such as connecting to WiFi or installing a printer (or even changing the clock time!).
This extreme least privilege position started to impact productivity and the general functioning of the business. Help desk calls would increase and the IT team would become overwhelmed with problems that could have been easily avoided if a more rational approach to PoLP had been taken.
Many organizations addressed this problem by making all their users local administrators, creating the exact reverse problem of an abundance of over-privileged users. In many ways, striking that balance is still a major issue for many businesses. It’s an important one to get right as hackers often look for these local administrator accounts to gain access to the system.
What Can Be Done to Address this Problem?
Organizations need to take a step back and look at the problem of least privilege from a data-centric approach. Work from the inside out, not from the outside in. Locate where your most sensitive data is and what exactly makes it sensitive. Then decide which of your users require access to this data and make sure that you have a way of monitoring whether those permissions change. You should also ensure that you have a way of monitoring and analyzing the behavior of your privileged users in relation to your data to spot the signs of privilege abuse or insider threats.
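One way to monitor whether permissions on sensitive data change, as an added example that is not part of the original article: it compares two snapshots of effective permissions and flags any access that exceeds a user's approved need. The resource names, users, access levels and snapshot format are all constructed assumptions.

```python
# Access levels ordered from least to most privileged (assumed model).
LEVELS = {"read": 1, "write": 2, "full": 3}

# Constructed data: sensitive resources and, per user with a documented
# business need, the maximum access level that need justifies.
APPROVED = {
    "finance/payroll.xlsx": {"alice": "write", "bob": "read"},
    "hr/contracts": {"carol": "full"},
}
# Constructed snapshots of effective permissions: (resource, user) -> level.
BASELINE = {
    ("finance/payroll.xlsx", "alice"): "write",
    ("finance/payroll.xlsx", "bob"): "read",
    ("hr/contracts", "carol"): "full",
    ("hr/contracts", "dave"): "read",
}
CURRENT = {
    ("finance/payroll.xlsx", "alice"): "write",
    ("finance/payroll.xlsx", "bob"): "write",
    ("hr/contracts", "carol"): "full",
    ("hr/contracts", "erin"): "full",
}

def permission_drift(baseline, current):
    """Return (kind, resource, user, old, new) for every changed entry."""
    changes = []
    for key in sorted(set(baseline) | set(current)):
        old, new = baseline.get(key), current.get(key)
        if old == new:
            continue
        if old is None:
            kind = "granted"
        elif new is None:
            kind = "revoked"
        else:
            kind = "escalated" if LEVELS[new] > LEVELS[old] else "reduced"
        changes.append((kind, key[0], key[1], old, new))
    return changes

def excess_privilege(snapshot, approved):
    """Return (resource, user, held, allowed) where held exceeds the need."""
    findings = []
    for (resource, user), held in sorted(snapshot.items()):
        allowed = approved.get(resource, {}).get(user)  # None: no approved need
        if allowed is None or LEVELS[held] > LEVELS[allowed]:
            findings.append((resource, user, held, allowed))
    return findings

if __name__ == "__main__":
    for row in permission_drift(BASELINE, CURRENT) + excess_privilege(CURRENT, APPROVED):
        print(row)
```

Running the excess check against the baseline as well surfaces over-privilege that predates monitoring, such as the constructed `dave` entry.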