As part of a sound security structure, one of the most basic things a company can do is implement a principle of least privilege model within its organization. This blog will explain what this means and how this security model can improve your security posture.
Principle of Least Privilege Definition (POLP)
The principle of least privilege stems from the idea that users should only have access to the resources they need in order to perform the duties their job requires. For example, an employee who works in sales should not have access to financial records, and an account created for someone in marketing should not have administrator privileges.
Benefits of Implementing a Principle of Least Privilege Model
An organization can reap many security benefits by implementing a principle of least privilege for its employees. We will dive into a few of these below.
What Does an Organization Accomplish Using Least Privilege?
An organization that successfully implements this model creates an environment where users can access only what they need. Among other things, this can improve employee efficiency, since each person sees only the resources relevant to their job and nothing else.
Many benefits exist for organizations that implement a principle of least privilege. A few are listed below:
- Better Security: When privileges are delegated responsibly, the damage from many potential insider threats is limited to what the compromised or malicious account can reach.
- Reduced Opportunity for Lateral Movement Attacks: An overabundance of privileged accounts gives would-be attackers plenty of opportunity for lateral movement.
- Protection Against Other Attacks: Implementing a principle of least privilege can help stop the spread of other common attacks on organizations, such as malware.
- A Healthier Network: A clean, organized network where admins regularly audit the access of all employees is a healthy network; a virtual free-for-all leads to chaos.
Which Security Practices Are Examples of the Principle of Least Privilege?
Below are just two examples of how organizations can utilize the principle of least privilege.
Least Privilege User Accounts
Although this one may seem obvious, one of the most effective and underutilized ways to reduce risk is to make sure every employee has an appropriate access level. If a low-level employee is phished, malware running under that account has far less room to spread.
Just-in-Time Least Privilege
Sometimes an employee will temporarily need high-level access, or access to a resource they do not normally use. An example of this could be someone who works at a helpdesk or in IT Support. In cases like this, it makes sense to grant them just-in-time access. Stealthbits Privileged Activity Manager does just this – enabling secure, task-based administrative access delivered just-in-time and with just-enough privilege.
Zero Standing Privileges
Just-in-time least privilege can also be part of the zero standing privileges philosophy, whose objective is to eliminate these “always-on” privileges altogether.
Steps to Implement a Principle of Least Privilege Model (Best Practices)
The steps below should be followed to implement a principle of least privilege policy in your organization:
Scan and catalog all systems and directories attached to the corporate network. Enumerate all accounts and groups including data such as password age, last login, and permissions.
Identify shared and dedicated privileged accounts and enumerate membership of built-in administrative groups. Know who has privileged access to servers and directories such as Active Directory.
Deploy vaulting mechanisms to rotate privileged accounts on a schedule using strong passwords defined by policy. Any solution must be able to grant access on a just-in-time basis and ensure that any credential exposed, for however long, is rotated after use.
Audit usage of privileged accounts and build internal processes around regular entitlement certification and session review. Ensure that each user's privileges match their role and that entitlements are removed when they are no longer appropriate.
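As an added example (not code from this post and not Stealthbits code), the following Python script runs the catalog, identify and audit steps above over a small account inventory. The inventory, the policy thresholds, the built-in admin group names used as a filter and the role-to-group mapping are all constructed for the example; in practice the inventory would be exported from Active Directory or a local SAM.

```python
"""Entitlement audit over a constructed account inventory (example code)."""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional

# Policy thresholds assumed for this example.
MAX_PASSWORD_AGE_DAYS = 90
STALE_LOGIN_DAYS = 60
# Groups treated as built-in administrative groups (step 2).
BUILTIN_ADMIN_GROUPS = {"Domain Admins", "Enterprise Admins", "Administrators"}

@dataclass
class Account:
    name: str
    groups: set
    role: str                    # job function as recorded by HR (assumed field)
    password_set: date
    last_login: Optional[date]   # None: never logged in
    shared: bool = False         # True when more than one person uses the credential

# Constructed sample inventory; names and dates are made up.
TODAY = date(2024, 3, 1)
INVENTORY = [
    Account("alice", {"Domain Admins", "IT Support"}, "it", date(2023, 10, 1), date(2024, 2, 28)),
    Account("bob", {"Sales"}, "sales", date(2024, 1, 15), date(2024, 2, 27)),
    Account("carol", {"Administrators", "Marketing"}, "marketing", date(2024, 2, 1), date(2024, 2, 20)),
    Account("svc_backup", {"Domain Admins"}, "service", date(2022, 5, 1), date(2023, 11, 30), shared=True),
    Account("dave", {"Finance"}, "finance", date(2023, 6, 1), None),
]

# Assumed policy: the groups each job function legitimately needs (step 4).
ROLE_ENTITLEMENTS = {
    "it": {"IT Support", "Domain Admins"},
    "sales": {"Sales"},
    "marketing": {"Marketing"},
    "finance": {"Finance"},
    "service": {"Backup Operators"},
}

def standing_admins(inventory: List[Account]) -> List[str]:
    """Step 2: accounts holding standing membership in built-in admin groups."""
    return sorted(a.name for a in inventory if a.groups & BUILTIN_ADMIN_GROUPS)

def password_age_violations(inventory: List[Account], today: date = TODAY) -> List[str]:
    """Step 3 input: credentials older than policy allows and due for rotation."""
    return sorted(a.name for a in inventory
                  if (today - a.password_set).days > MAX_PASSWORD_AGE_DAYS)

def stale_accounts(inventory: List[Account], today: date = TODAY) -> List[str]:
    """Step 1 data put to use: accounts nobody has used recently."""
    return sorted(a.name for a in inventory
                  if a.last_login is None or (today - a.last_login).days > STALE_LOGIN_DAYS)

def excess_entitlements(inventory: List[Account]) -> Dict[str, List[str]]:
    """Step 4: groups an account holds beyond what its role entitles it to."""
    findings = {}
    for a in inventory:
        extra = a.groups - ROLE_ENTITLEMENTS.get(a.role, set())
        if extra:
            findings[a.name] = sorted(extra)
    return findings

def certification_report(inventory: List[Account], today: date = TODAY) -> Dict[str, List[str]]:
    """Combine the checks into per-account findings a reviewer would certify or revoke."""
    report: Dict[str, List[str]] = {}

    def add(name: str, finding: str) -> None:
        report.setdefault(name, []).append(finding)

    for name in standing_admins(inventory):
        add(name, "standing membership in built-in admin group")
    for name in password_age_violations(inventory, today):
        add(name, f"password older than {MAX_PASSWORD_AGE_DAYS} days")
    for name in stale_accounts(inventory, today):
        add(name, f"no login in {STALE_LOGIN_DAYS} days")
    for name, extra in excess_entitlements(inventory).items():
        add(name, "groups beyond role: " + ", ".join(extra))
    for a in inventory:
        if a.shared and a.groups & BUILTIN_ADMIN_GROUPS:
            add(a.name, "shared credential with admin rights; vault and rotate")
    return report

if __name__ == "__main__":
    for name, findings in certification_report(INVENTORY).items():
        print(name)
        for finding in findings:
            print("  -", finding)
```

Accounts with no findings (here, bob) never appear in the report, so the reviewer's attention goes to the accounts that actually need a decision; a shared account that also sits in an admin group is called out separately because it needs both vaulting and removal from the group, not just one of the two.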
Built-in Administrative Rights
Eliminate administrative rights to desktops, servers, and directories through agent-based or agentless technologies. Make sure that no user has administrative access without going through a policy-based control mechanism that audits and governs that access.
Enforce Least Privilege Delegation
Build delegated access policies that grant the level of access each task needs without handing out full administrative rights. Where administrative rights are unavoidable, delegate them to dedicated user accounts for accountability and time-limit them to specific maximum durations.
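The just-in-time and zero standing privileges sections above and the delegation policy described here fit together in one mechanism: a broker that maps each task to the exact operations it needs, issues a grant capped at a policy maximum, and lets it lapse on its own. The following Python model is an added example, not Stealthbits Privileged Activity Manager or any code from this post; the task names, operation identifiers and durations are assumed.

```python
"""Task-scoped just-in-time elevation broker (illustrative example code)."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Tuple

# Assumed delegation policy: each task maps to the precise operations it needs
# and the longest a grant for it may live. No task maps to "full admin".
TASK_POLICY = {
    "reset-user-password": {"ops": {"ad:reset-password", "ad:unlock-account"}, "max_minutes": 30},
    "restart-print-service": {"ops": {"svc:restart:Spooler"}, "max_minutes": 15},
}

@dataclass
class Grant:
    user: str
    task: str
    ops: frozenset
    expires: datetime
    justification: str

class JitBroker:
    def __init__(self) -> None:
        self.grants: List[Grant] = []
        self.audit: List[str] = []   # append-only trail for session review

    def request(self, user: str, task: str, justification: str,
                now: datetime, minutes: int = None) -> Grant:
        """Issue a task-scoped grant; the requested duration never exceeds the policy cap."""
        policy = TASK_POLICY.get(task)
        if policy is None:
            raise ValueError(f"no delegation policy for task {task!r}")
        cap = policy["max_minutes"]
        minutes = cap if minutes is None else min(minutes, cap)
        grant = Grant(user, task, frozenset(policy["ops"]),
                      now + timedelta(minutes=minutes), justification)
        self.grants.append(grant)
        self.audit.append(f"{now.isoformat()} GRANT {user} {task} "
                          f"until {grant.expires.isoformat()}: {justification}")
        return grant

    def authorize(self, user: str, op: str, now: datetime) -> bool:
        """Allow only if a live grant covers this exact operation; expired grants are purged first."""
        self._expire(now)
        allowed = any(g.user == user and op in g.ops for g in self.grants)
        self.audit.append(f"{now.isoformat()} {'ALLOW' if allowed else 'DENY'} {user} {op}")
        return allowed

    def _expire(self, now: datetime) -> None:
        live = []
        for g in self.grants:
            if g.expires <= now:
                self.audit.append(f"{now.isoformat()} EXPIRE {g.user} {g.task}")
            else:
                live.append(g)
        self.grants = live

    def standing_privileges(self, now: datetime) -> List[Tuple[str, str]]:
        """Zero standing privileges means this list is empty once all grants have lapsed."""
        self._expire(now)
        return [(g.user, g.task) for g in self.grants]

def demo():
    """Walk a helpdesk account through one task; returns the broker and its decisions."""
    broker = JitBroker()
    t0 = datetime(2024, 3, 1, 9, 0)
    # Asks for two hours; policy caps the grant at 30 minutes.
    grant = broker.request("helpdesk1", "reset-user-password", "ticket #1234", t0, minutes=120)
    results = {
        "cap_minutes": int((grant.expires - t0).total_seconds() // 60),
        "reset_during": broker.authorize("helpdesk1", "ad:reset-password", t0 + timedelta(minutes=5)),
        "unrelated_op": broker.authorize("helpdesk1", "svc:restart:Spooler", t0 + timedelta(minutes=5)),
        "reset_after": broker.authorize("helpdesk1", "ad:reset-password", t0 + timedelta(minutes=31)),
        "standing": broker.standing_privileges(t0 + timedelta(minutes=31)),
    }
    return broker, results

if __name__ == "__main__":
    broker, results = demo()
    print(results)
    print("\n".join(broker.audit))
```

The two design points worth noticing are that the grant carries operations rather than a role or group, so an unrelated operation is denied even while the grant is live, and that expiry is enforced on every authorization check rather than by a separate clean-up job, so a forgotten revocation cannot leave an always-on privilege behind.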