We regularly read headlines about how employees are the biggest threat to company data, in fact, recent research found that 64% of organisations believe that they’ve likely had either a direct or indirect breach due to employee access in the last 12 months, and that 52% of businesses are very or fairly concerned about sabotage from a former employee. Take Tesla for example, who admitted to being a victim of a data leak due to an unhappy employee, who made changes to company source code and exported gigabytes of proprietary data to unknown third parties.
It’s evident that the insider threat can be difficult to catch because employees have legitimate access to the network. Plus, BYOD and the cloud have made the traditional network perimeter obsolete, meaning that it is more difficult for IT teams to track where company data is going and who is using it.
What is often overlooked is that many of these breaches originate from a cyber-attack or data leak achieved by exploiting a single, unsecured privileged account. Large organisations typically have thousands of privileged accounts that are often left unmanaged. Malicious insiders, former employees, cyber-criminals and even state-sponsored attackers can exploit these unmanaged privileged accounts. Through these, they can then anonymously access and extract an organisation’s most valued data.
For the last 40 years, “always-on” privileged accounts have been the default mode for administrative access and have proliferated across enterprises, presenting a massive risk surface. Privileged access, rights, and permissions that are always in an active mode are ready to be exercised at any time—for legitimate activities as well as for illicit ones. And this risk surface is rapidly expanding with the expansion of virtual, cloud, and DevOps environments, internet of things (IoT) devices, as well as in emerging areas, such as robotic process automation (RPA).
Against this backdrop, it’s no surprise that the abuse and/or misuse of privileges play a role in almost every cyber-security breach incident today. With privileged access in hand, an attacker essentially becomes a malicious insider, an alarming scenario for any IT professional, all the way up through the
C-level and the Board.
Just-in-time, all the time
To ensure employees can only gain access to specific information business should introduce Just-In-Time (JIT) into the organisation. JIT is key because it ensures that technical access is only granted to employees when absolutely necessary.
Just-in-time (JIT) privileged access management (PAM) is a strategy that aligns real-time requests for usage of privileged accounts directly with entitlements, workﬂows and appropriate access policies. Companies use this strategy to secure privileged accounts from the ﬂaws of continuous, always-on
access by enforcing time-based restrictions based on behavioural and contextual parameters.
JIT PAM sharply limits the duration for which an account possesses elevated privileges and access rights, drastically reducing the window of vulnerability during which time a threat actor can exploit account privileges. JIT helps enforce the rule of least principle to ensure that privileged activities can be performed in alignment with acceptable use policies, while forbidding those that fall outside of the right context.
When a privilege is requested, it must meet the required contextual parameters before being checked out—the privilege is never owned by the account. This mitigates the risk for their misuse when potentially leveraged outside of a privileged access management deployment. No longer are privileged accounts essentially fully armed and ripe for abuse.
As an example – consider a typical always-on privileged account that may be “privileged active” 168 hours a week. By shifting to a JIT PAM approach, you could reduce that privilege-active state down to
just 25 minutes. Multiplying this eﬀect across all your organisation’s privileged user accounts will have a truly massive impact on risk-reduction.
For many organisations, implementing a JIT strategy in tandem with a just enough access model is the next, most impactful step they can take toward protecting their valuable IT estate. JIT privilege management should be considered an essential component of a true least-privilege strategy.
In lieu of enabling accounts all the time once authenticated, exert further control over when and how they can be used by expanding the security model to deny all privileged activity until the appropriate business criteria is satisfied for their usage. This entails not only restricting account access, but the actual privileges, permissions, and entitlements that an account can use in real-time.
By enabling a JIT PAM strategy that uses contextual triggers, and ensures the user behaviour of the privileged account is appropriate based on real-time policies, JIT PAM can dynamically address the substantial, enterprise-wide risks posed by always-on accounts. This represents not just the natural evolution of privileged access management, but a considerable leap forward in IT risk management.