Historically, those with privileged access, the owners of “superuser accounts,” have been poorly governed. Owners of these accounts may have limited or no formal training in managing them, potentially exposing their enterprises to security attacks. Access problems also multiply with UC and CC resources and become an even bigger problem once IoT devices are added to the mix. So, what can be done to ensure safe and effective access to resources and services, and to ensure that users are exercising that access appropriately?
Privileged Access Defined
Even though superusers have privileged access, and can typically change, modify, and/or eliminate the status or condition of IT devices and software, they must be overseen to ensure that what they do (or don’t do) is within their responsibilities and authority. Poorly managed superuser accounts can lead to many headaches – business losses, theft of sensitive information, and malware that can compromise data and the overall network.
So, what can enterprises do? For starters, these superuser accounts should be reserved for those responsible for IT, network implementations, and operations. On a more strategic level, enterprises should implement a good privileged identity management (PIM) strategy to monitor superuser accounts to ensure that their access level isn’t being misused or abused. Privileged identity management requires:
- Creating a policy that specifies how superuser accounts will be managed and what the account holders can and can’t do
- Developing a management procedure that identifies the responsible parties and ensures that the policy is followed
- Inventorying, monitoring, verifying, and auditing privileged accounts
- Establishing and implementing tools and processes for superuser access management
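The “inventory, monitor, verify, and audit” step is the one most often skipped, so here is an added example (not from the article) of what a minimal inventory looks like on a Linux host: every account that holds superuser rights through UID 0, membership in an administrative group, or a sudoers rule, compared against the list the PIM policy actually approved. The passwd, group and sudoers text is constructed sample data, and the set of privileged group names is an assumption for the sake of illustration; on a real host you would read the live files instead.

```python
"""Inventory privileged accounts and flag any the PIM policy did not approve.
Added illustration; the passwd/group/sudoers text below is constructed."""

# Constructed sample of /etc/passwd (name:x:uid:gid:gecos:home:shell)
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
toor:x:0:0:second uid-0 account:/root:/bin/bash
svc-backup:x:1002:1002:Backup service:/var/backup:/usr/sbin/nologin
"""

# Constructed sample of /etc/group (name:x:gid:members)
SAMPLE_GROUP = """\
root:x:0:
sudo:x:27:alice,bob
wheel:x:10:
admin:x:4:svc-backup
"""

# Constructed sample of /etc/sudoers with only the rule lines that matter here
SAMPLE_SUDOERS = """\
Defaults env_reset
root ALL=(ALL:ALL) ALL
%sudo ALL=(ALL:ALL) ALL
%admin ALL=(ALL) ALL
svc-backup ALL=(ALL) NOPASSWD: /usr/bin/rsync
"""

# Assumed set of groups that confer superuser rights on this host.
PRIVILEGED_GROUPS = {"root", "sudo", "wheel", "admin"}


def parse_passwd(text):
    """Return {account name: uid} for every passwd entry."""
    accounts = {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            fields = line.split(":")
            accounts[fields[0]] = int(fields[2])
    return accounts


def parse_group(text):
    """Return {group name: set of member names} from group-file text."""
    groups = {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            name, _, _, members = line.split(":", 3)
            groups[name] = {m for m in members.split(",") if m}
    return groups


def parse_sudoers(text, groups):
    """Return the users granted any sudoers rule, expanding %group principals."""
    users = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "Defaults")):
            continue
        principal = line.split()[0]
        if principal.startswith("%"):
            users |= groups.get(principal[1:], set())
        else:
            users.add(principal)
    return users


def inventory_privileged(passwd_text, group_text, sudoers_text):
    """Map each privileged account to the sorted list of reasons it is privileged."""
    accounts = parse_passwd(passwd_text)
    groups = parse_group(group_text)
    reasons = {}
    for name, uid in accounts.items():
        if uid == 0:
            reasons.setdefault(name, []).append("uid 0")
    for g in sorted(PRIVILEGED_GROUPS):
        for member in groups.get(g, set()):
            reasons.setdefault(member, []).append(f"member of {g}")
    for user in parse_sudoers(sudoers_text, groups):
        reasons.setdefault(user, []).append("sudoers rule")
    return {name: sorted(why) for name, why in reasons.items()}


def find_unapproved(inventory, approved):
    """Accounts that hold privilege without appearing on the approved list."""
    return {name: why for name, why in inventory.items() if name not in approved}


if __name__ == "__main__":
    inv = inventory_privileged(SAMPLE_PASSWD, SAMPLE_GROUP, SAMPLE_SUDOERS)
    for name, why in sorted(inv.items()):
        print(f"{name:12} {', '.join(why)}")
    print("unapproved:", find_unapproved(inv, {"root", "alice", "bob"}))
```

Running this against the sample data surfaces two accounts the approved list never mentioned: a second UID 0 account and a service account that inherited sudo rights through group membership. Those are exactly the findings a periodic audit of superuser accounts is meant to produce, and the comparison against an explicit approved list is what turns a raw inventory into a verification step.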
Managing Privileged Access
In managing superuser accounts, there are many questions to ask yourself. How do you keep track of all the changes, updates, and modifications being made to the IT and network environments? Are the changes well-documented? Do you need to be a superuser controlling remote IT resources for your users? Do you know who has connected to those resources and what they did? These are persistent challenges and questions.
Even if you have complete trust in your superusers, are their credentials really safe? A disgruntled superuser could change IT resources on a whim. If they are overextended, did they miss something, make a mistake, or were just negligent? Superusers are human and not perfect, which should be considered when creating a PIM strategy.
Six Elements of Managing Superuser Accounts
To answer the questions above, here are six elements for managing superuser accounts and their activities:
- Authorization – This is the process of providing a user with permission to do or have something in a multi-user computer system or network. Who is allowed to be a superuser?
- Authentication – This is the process for determining whether someone is who they say they are, i.e. verifying their identity. Are they an authorized superuser?
- Control – This is the power to add, modify, and restrict an action.
- Monitoring and recording – The ability to observe and check the status and progress of IT resources over a period of time, knowing which superuser did what, and when.
- Auditing – Conducting a systematic review of the state and status of IT resources.
- Reporting – Providing an unbiased and secure account of IT resources, their state, status, and the actions of superusers.
Privileged Access Security: Beware of the Risks
Many enterprises secure privileged access for internal and external IT staff solely on their credentials or identity as a way of controlling who has access. This is necessary, but not sufficient. Securing access pathways and recording access connections and activities are also crucial to protecting critical systems and data from cyber threats, malicious behavior, and errors. Privileged access is a balance between productivity, security, and ease of use.
Success with Remote Service Delivery
There are many challenges to overcome, including a broad range of services and devices. Monitoring tools may have very specific connectivity requirements, and IT may have its own technical and security requirements. IT may also be reluctant to allow a third party to access and control its IT resources. Poor remote service delivery can leave services weakly secured or not secured at all.
Common Security Mistakes
Common security mistakes have many sources: negligence, malicious behavior, ignorance, and poor training of those managing resources. You may find that some users put information on sticky notes, visible and available to almost anybody. Whoever is managing access must minimize access to superuser accounts, protect that access, and enforce security policies. There may be security patches and updates that you’re slow to install. An open question is, “who is watching your staff, so you know that they’re performing appropriately, correctly, and securely?”
Privileged Users: Are They Ok?
Every time privileged access is given, you should have an automated mechanism that records, reports, stores, and analyzes that activity. The activity should also have a historical record, so you can go back and look at the behavior of the user. This doesn’t mean you should mistrust users. Verifying, documenting, and storing these actions is a way of ensuring that the information about the changes can’t be compromised. Every connection must be monitored automatically, with the appropriate record and data stored for future analysis.
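The six elements listed earlier (authorization, authentication, control, monitoring and recording, auditing, reporting) and the requirement just stated that the record of privileged activity itself can’t be compromised fit together in a small amount of code. The following is an added example, not the article’s own or any vendor’s implementation: a policy table stands in for authorization, every attempted privileged action (allowed or denied) is appended to a log whose entries are chained by SHA-256 so that editing a past entry breaks verification, and a report summarizes what each superuser did. The policy, users, actions and timestamps are constructed; authentication is assumed to have happened before `record` is called, and a real deployment would also ship the log off-host.

```python
"""Tamper-evident record of privileged actions: authorization check,
hash-chained append-only log, integrity verification and a per-user report.
Added illustration; policy and events below are constructed."""
import hashlib
import json
from datetime import datetime, timezone

# Constructed authorization policy: which superuser may perform which action.
POLICY = {
    "alice": {"restart_service", "apply_patch"},
    "bob": {"restart_service"},
}

GENESIS = "0" * 64          # hash value that anchors the first entry
FIELDS = ("ts", "user", "action", "target", "result")


class PrivilegedAuditLog:
    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(prev_hash, payload):
        # Canonical JSON so the same event always hashes the same way.
        body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
        return hashlib.sha256((prev_hash + body).encode()).hexdigest()

    def record(self, user, action, target, ts=None):
        """Authorize the action and append the outcome; denials are logged too."""
        allowed = action in POLICY.get(user, set())
        payload = {
            "ts": ts or datetime.now(timezone.utc).isoformat(),
            "user": user,
            "action": action,
            "target": target,
            "result": "allowed" if allowed else "denied",
        }
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        entry = dict(payload, prev=prev, hash=self._digest(prev, payload))
        self.entries.append(entry)
        return allowed

    def verify(self):
        """Recompute the chain; return the index of the first bad entry, or None."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            payload = {k: e[k] for k in FIELDS}
            if e["prev"] != prev or e["hash"] != self._digest(prev, payload):
                return i
            prev = e["hash"]
        return None

    def report(self):
        """Per-user counts of allowed and denied privileged actions."""
        summary = {}
        for e in self.entries:
            counts = summary.setdefault(e["user"], {"allowed": 0, "denied": 0})
            counts[e["result"]] += 1
        return summary


def demo():
    """Build a small log, snapshot its state, then show that editing it is detected."""
    log = PrivilegedAuditLog()
    log.record("alice", "apply_patch", "web-01", ts="2024-01-01T10:00:00+00:00")
    log.record("bob", "apply_patch", "web-01", ts="2024-01-01T10:05:00+00:00")
    log.record("bob", "restart_service", "web-01", ts="2024-01-01T10:06:00+00:00")
    intact_before = log.verify()           # None: chain is consistent
    report_before = log.report()
    # Simulate an after-the-fact edit that rewrites the denied attempt as allowed.
    log.entries[1]["result"] = "allowed"
    first_bad = log.verify()               # 1: the edited entry no longer matches
    return intact_before, report_before, first_bad


if __name__ == "__main__":
    print(demo())
```

The design point is that the log records the denied attempt alongside the allowed ones, so the reporting element shows not only what superusers changed but what they tried and were refused, and the chained hashes mean that a later edit to any one entry is visible to the auditing element without having to trust whoever holds the file.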