Open Access (Part 2): Shutting It Down

Open Access (Part 2): Shutting It Down

Last week, we talked about the headache-inducing security fault known as Open Access. Now, let us be your Advil.

For the past decade, STEALTHbits has been working with many of the largest, most complex organizations in the world to perform content collection and analysis across their technology infrastructure. Through these operations, we have developed an advanced workflow process to support complicated organizations along with more streamlined ones. Each organization has a unique structure, so we found similar discrepancies in security models, access controls, and audit requirements and created a process to adapt to diverse environments as well as the changes of time.

The STEALTHbits workflow identifies, prioritizes, and reduces risk associated with Unstructured Data as part of the Access Governance solution built on the StealthAUDIT Management Platform.

The Steps:

So in the overwhelming process of data security, open shares are a great place to start in securing your data. No matter how thorough your security is, if you hand access out like candy, no system will be adequate. Ensure only the right people have the right access to the right data.

Come back next week for our best practices on closing the door on open shares.

  1. General cleanup of users and groups.
  2. Determine servers and generate automatic host lists that group servers by OS and installed applications.
  3. Identify resources and installed services.
  4. Classify data by content metadata, then scan for and prioritize sensitive content.
  5. Identify file share type as Application Share, User Business Share, or User Personal Share.
  6. Exposure is primarily determined based on two factors. How open is the access? How much is exposed?
  7. Generate a risk score to determine what the priorities are for the implementation plan.
  8. Verify resource ownership.
  9. Establish an implementation plan to address high-risk conditions and establish a baseline of user entitlements to support on-going audit and review requirements.

For more information, download the white paper, Closing the Door on Open Access:

https://go.stealthbits.com/closing-the-door-on-open-access-white-paper

Or view our on-demand webinar, “Making Open Access Compliant and Secure:

https://go.stealthbits.com/on-demand-webinar-making-open-access-compliant-and-secure

Don’t miss a post! Subscribe to The Insider Threat Security Blog here:

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.