Earlier this week, accounting software firm Sage warned customers in the U.K. that their data may have been exposed after it detected unauthorized access using an internal login.
Compromised internal credentials account for a staggering number of data breaches, according to recent research, and such breaches can be prevented by following the principle of least privilege access, U.K. security company Hypersocket Software says.
“Many organizations already use identity management as a key weapon in their security arsenal. This allows a network or system to authenticate the identity of a user through credentials ranging from a simple user name and password to digital certificates, physical tokens, biometric factors or a combination of these,” Lee Painter, CEO of Hypersocket Software, said in a statement. “But is authenticating identity really the first step organizations should be taking? The fact that someone has established his or her identity as an employee should not result in unfettered access. So access control, and more specifically least privilege access, should be the very first consideration in any organization’s approach to Identity and Access Management.”
“Employees may need special one-time access, and each person fulfilling the same role might need slightly different types of access,” Lee said. “Effectively managing least privilege access here requires not only authentication and secure connections, but granular controls for each user and the ability to monitor their activities.”
A blog post on Microsoft TechNet describes the opposite of least privilege access – broad and deep privilege.
“Unfortunately, the path of least resistance in many environments has proven to be the overuse of accounts with broad and deep privilege. Broad privileges are rights and permissions that allow an account to perform specific activities across a large cross-section of the environment – for example, Help Desk staff may be granted permissions that allow them to reset the passwords on many user accounts.”
“Neither broad privilege nor deep privilege is necessarily dangerous, but when many accounts in the domain are permanently granted broad and deep privilege, if only one of the accounts is compromised, it can quickly be used to reconfigure the environment to the attacker’s purposes or even to destroy large segments of the infrastructure.”