After a cybersecurity breach, it’s not uncommon to find that the accounts used to hack the networks were able to do so because they had far more access rights than were strictly needed by the owners to do their jobs. Over time, as the employees moved between programs and roles, they had kept adding new rights, with old rights that weren’t being used not being closed out and left as a point of vulnerability, according to an article in TrueFort. When this privilege creep accumulates over years across an organization, it can easily make any cybersecurity intrusion far worse, as bad actors exploit these leftover and forgotten rights to steal or otherwise compromise data.
To reduce the risks of this access or privilege creep, cybersecurity teams can take five key steps:
- Only providing users with the minimum level of access needed to perform their duties;
- Regularly reviewing previously granted access rights, to ensure they’re still required;
- Assign access based on roles, rather than individuals, allowing form automatic update of access should a user’s role change;
- Automatically removing access when individuals leave the organization, or otherwise change roles;
- Providing regular security training to help people understand the importance of access control and the risks of privilege creep.
Source:
