Prevent Privileged Access Vulnerabilities
Learning Objectives
After completing this unit, you’ll be able to:
- Identify the threats inherent to privileged access.
- Explain how to prevent abuse of privileged access.
- Apply privileged access controls.
Understand Privileged Access Threats
Now you know that privileged users, by definition, have access to computer or application systems that other users don’t. Because organizations need users who can install or modify systems and controls, they must be able to grant privileged access to certain users. However, this also means that organizations must take into account that privileged users pose a security threat.
While a cybercriminal who gains access to privileged user credentials can cause immense harm to a system, internal misuse of privileged access can be just as dangerous. In many cases, simple curiosity is the culprit. According to industry surveys, a large percentage of privileged users feel empowered to access all of the information they are allowed to view, even when it is not necessary to their job function. This is why it’s so important to implement the principle of least privilege when you’re configuring access controls. People cannot breach systems they don’t have access to in the first place.
Restricting the type and number of privileged access accounts is one of an organization’s first lines of defense. Nationwide surveys of IT employees show that privileged access continues to be given to employees who do not need it to do their work. This happens either because everyone with their job description has that level of access, or because it was never revoked when they changed job roles.
Prevent Privileged Access Abuse
As a person with privileged access, what can you do to guarantee you do not leave a door open that others might be able to use to access that information?
Solid password hygiene is the first line of defense against security breaches.
- Never share passwords—neither between users nor between accounts.
- Create strong passwords with help from password generators like 1Password, Keeper, or Dashlane, which store them securely so you don't have to worry about remembering them.
- Always change default passwords for all systems.
- Use multiple authentication methods, which provide a safety net in case your primary account credentials are compromised.
A good best practice as a privileged user is to get into the habit of requesting only the minimum level of access that is absolutely required to do your job and for only the time in which you need it.
While we all know that information gained by privileged access is protected and may not be given to any nonprivileged user, beware of social engineering attempts. If any user, privileged or not, asks for your credentials to access protected information, this is a no-no. Users who have appropriate privileges are able to log in using their own credentials.
As a privileged user, it is your responsibility to stay informed about access management and production access policies in your organization. It is also your responsibility to be informed about and follow all change control processes before making changes to production systems.
Good cybersecurity relies on everyone’s vigilance. As a person with privileged user status, you have a heightened level of responsibility for guarding your organization’s data and systems.
Manage Privileged Access
There are a number of key principles organizations should implement to protect assets, data, and users.
Least Privilege
As we've mentioned before, the principle of least privilege is the cornerstone of solid cybersecurity. It’s crucial when you're configuring access that you only grant the minimum access users need to perform the job they are doing at that moment. This means that you limit access and, in certain cases, configure temporary, time-limited access.
Multi-Factor Authentication (MFA)
MFA involves components from at least two of the following categories: something you have, something you know, or something you are. In the past, single factor passwords sufficed. Yet since a password is something you know, if someone else knows your password, then they can also authenticate as you. This is why configuring MFA is so valuable.
A good MFA system is dynamic, hard to guess, and changes frequently. Factors can be hard or soft. Hard tokens might be items like YubiKey or a chip on a card. Examples of soft tokens are authenticator applications you access from your mobile phone. Used in conjunction with a PIN, password, or biometric, these factors provide stronger protections than usernames and passwords alone.
Just-in-Time Access
When users are given permanent instead of temporary access, the chances that a breach can occur go way up. If a user only needs to access sensitive data or system settings occasionally, it is much better to give them just-in-time or time-limited credentials that can be automatically terminated after they finish their job. This way, you ensure that the number of privileged accounts stays limited and that accounts no longer in use are properly terminated.
Develop Termination Procedures
Another way to control privileged user access is to make sure that unused accounts are terminated when an employee leaves the organization or moves to a different position. It is very important to set up procedures to disable their privileged access accounts.
Audit Privileged Access Users
Many organizations require that access reviews of all user access across systems, applications, and databases should be performed at least every 90 days. A few items to note about these audits.
- If an access reviewer states that access is not appropriate or required for a user, access should be terminated immediately.
- The review should be documented showing the initial list, confirmation of access by the appropriate system or application owner, and the after list showing that updates have been made.
- Access reviews should be documented and approved.
Monitor User Actions
All privileged user activity should be monitored. Usage logs should include all information required to trace actions, including the user ID, time, database object, exact action executed, and list of records accessed or altered. Because privileged users have elevated access, you must ensure that these logs cannot be modified by the very users who are being monitored. To prevent this, host these logs in separate databases and restrict access for those monitored users to make changes to the database (write access). It is also wise to establish policies that define legitimate behavior for privileged users. Then set up systems that can identify violations, block suspicious activity, and send an alert—all in real time.
Now that you know how to maintain good cybersecurity hygiene, you can be your organization's first line of defense. As a person with privileged user status, it’s your responsibility to guard data and protect your systems.
Implement Zero Trust
Zero Trust is a security model that provides a more secure approach to managing privileged access, reducing the potential impact of privileged access abuse and minimizing attempts by malicious actors to gain access to sensitive systems or data. The zero trust model uses multiple layers of security and authentication protocols to continuously verify the user's identity and grant them access based on the principle of least privilege.
This means that even if a privileged user has legitimate access to some systems, they do not automatically have access to all systems or data. Access is based on a variety of factors, including the user's identity, location, device, time of access, and behavior patterns. This ensures that authorization decisions are based on contextual data, rather than just assuming that a user with elevated privileges is trustworthy.
Knowledge Check
Ready to review what you’ve learned? The knowledge check below isn’t scored—it’s just an easy way to quiz yourself. To get started, drag the term in the left column next to the matching description on the right. When you finish matching all the items, click Submit to check your work. To start over, click Reset.
Great work!
Sum It Up
In this module, you’ve been introduced to the concepts of privileged access and privileged access management (PAM). You’ve learned why setting access control limits is so important and the security challenges this process poses. You've also learned about the core cybersecurity principles that should guide good access control policies.
As someone interested in becoming a developer, it is critical that you learn to build security into all aspects of your development work. This includes making sure that your organization is protected with secure access policies. Interested in learning more about cybersecurity best practices? Check out the Cybersecurity Learning Hub on Trailhead.
Resources
-
Trailhead: Zero Trust Security
-
External Link: Open Web Application Security Project (OWASP): Access Control for Software Security
-
External Link: National Cybersecurity Center of Excellence (NCCOE): Out with the old, in with the new, making MFA the norm
-
External Link: Open Web Application Security Project (OWASP): Authorization Cheat Sheet