What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Do Too Many Users Have Privileged Access Rights?
Do your users have privileged access rights they don’t need?
According to a recent Ponemon report on the State of Data Access Governance, plenty of organizations are granting privileged access rights for “no apparent reason”. Others are even granting privileged access to every user at a certain job level, even if it is not required to do their job! From a security standpoint, this is – to say the least – concerning. Luckily, we know that implementing a Data Access Governance (DAG) program can help eliminate inappropriate access at multiple layers.
As we’ve established, too many users have a higher level of rights than is necessary to do their jobs. We see it all the time. For instance, in order to lighten the load for bandwidth-constrained helpdesk staff, some organizations will give all their users Local Admin rights to their computers so they can install software. Users rarely need this level of access to begin with, and it’s hardly ever revoked, leading to massive vulnerability and susceptibility to modern attacks.
The problem with this inappropriate access is the ease of entry it creates for attackers. Most data breach incidents are facilitated by the fact that a user has a higher level of rights on the compromised system than is actually needed. In fact, Forrester estimates that 80% of data breaches involve privileged accounts. To be clear, there is plenty an attacker can do with such privileges; with Local Admin rights, an attacker can move laterally, then vertically, and ultimately find the privileges they’re really after – Domain Administrator.
With a Data Access Governance (DAG) program in place, regularly reviewing access rights with system and data owners would go a long way toward solving the problem of people retaining access rights they don’t need. DAG eliminates the problem of temporary access being supplied and never being removed. Regular reviews of privileged access, whether at the system layer, within AD, or at the data layer, will help to alleviate scenarios where you’re inadvertently supplying access to resources in the first place or forgetting to remove access to data and resources. By taking these necessary precautions, your organization can eliminate some serious risk of data breach.
We hope you’ve enjoyed this blog series breaking down findings from the 2018 Ponemon Study on the State of Data Access Governance! You can continue to learn about the importance of Data Access Governance here: https://www.stealthbits.com/data-access-governance-solution
Tracy Fey is a Technical Marketing Documentation Specialist at STEALTHbits. Tracy creates tools and content to increase awareness of STEALTHbits products and capabilities, as well as educate on a variety of subjects in the cybersecurity space.