Least Privilege At Work: PEDM and Defense in Depth
Cyberthreats are many and varied, which means that cybersecurity measures need to be equally varied and agile in order to truly protect your organization. To provide such agility, the application of two main principles is required when designing and implementing cybersecurity: Least Privilege and Defense in Depth.
The Principle of Least Privilege, or POLP, is an easy concept to understand because it says up front what it’s all about: Making sure that anyone with access to privileged resources only has privileges to the least amount of resources required to accomplish their tasks. It also means implementing granular, precise rights rather than catch-all, access-to-everything overarching privileges. But although the concept itself is easy to understand, implementing it can be a challenge when it comes to admins and other users who potentially require access to a wide array of privileged resources.
Though the Principle of Least Privilege is easy to understand, implementing it can be a challenge.
Ensuring that everyone, even admins, can only access the resources to which they are privileged is what lies at the heart of Privileged Access Management (PAM). But again, the application of PAM to admins can be complex, owing both to the wide range of tasks that admins need to accomplish and the number of resources that they might legitimately need to access in order to do so – which is where Defense in Depth comes into play.
Defense in Depth, as a security principle, derives from the fact that applying a single line of defense is simply not enough to ensure security across the complicated structure of modern corporate resources and networks. Rather, what is needed are layers of security – an in-depth defense – that can match the complexity of corporate systems. Applying a granular approach to PAM can help do exactly that.
To be as precise as possible, PAM should apply to everyone with elevated rights. This especially includes admins who, by the nature of their work, often need extensive access to sensitive resources including servers, data, and critical IT systems. In order to provide this granularity, and thus the defense in depth that’s needed, certain key functionalities need to be in place:
- Administrators, like all users, need to be granted only the least possible privileges required to do their work.
- If privileged resources are potentially dangerous because they can access other privileged resources – they have the capability to change the system registry or system folders, for example – these actions and access should be restricted as a matter of course.
- Any encryption that a resource carries out should be subject to a ruleset so that proper encryption – passwords or credit card numbers in a database, for example – is allowed to proceed, but illicit encryption like that attempted by ransomware is not.
- Application-to-application resource management needs to be in place. That is, certain applications should never be allowed privileged access, even if the user is an admin with privileged rights of their own.
Employing a PAM solution that has this kind of functionality ensures both that the Principle of Least Privilege is followed, as well as provides the defensive layers needed to help ensure security. It does this by making sure that all privileged users, including super admins, can only access the least amount of resources needed for their work at any given time – and that the resources themselves cannot be used in turn to access other privileged resources.
On a final note, it’s also important that, while defense-in-depth and granular, minimum privileges can provide the complexity needed to counter complex threats, the application of these principles must be as simple and transparent as possible. In other words, even though the defense must be complex, the system itself must be easy to manage, or it won’t be used – and it must be as transparent to users as possible so that impacts to performance of their necessary tasks are negligible.
Cyberthreats are real, and it’s only through creating a cybersecurity system that employs the least privilege with a deep feature set and ease of use that companies can hope to head off these threats.