In a recent survey of LinkedIn users, privileged users pose the biggest threats to an organization (60%), followed closely by contractors and consultants (57%) and regular employees (51%). This shows us that our access credentials are more valuable than ever which means that being able to locate our high risk access accounts has become more important than ever.
Do you know who has the administrative privileges to your key applications, networks,
servers, or even email programs? When you are working in a small company with only a handful of employees this information can be easily tracked. You probably only have a handful of applications as well so manual mapping isn’t difficult.
However, if you are a business with 100+ users, manual recording becomes almost impossible. There are hundreds of thousands of access relationships active in a normal network. At the enterprise level you can be looking at trillions of access relationships. Keeping up with who has the keys to what is more than improbable, it is impossible to control at any scale. They typically incorporate user provisioning, password management, policy management, access governance, and identity repositories in an often complex design.
While these solutions are extremely helpful in tracking your access relationships, in order to be able to spot your high risk accounts, you need to add intelligence.
Intelligent IAM (IIAM) encompasses all the administrative processes used in Identity and Access Management (IAM), but the processes are influenced by real‐time data. IAM solutions that use intelligence continuously collect, monitor, and analyze large volumes of identity and access‐related information, combining data not only from provisioning and governance solutions but also from security products and other external systems.
What does this real time data mean in your real world? Here are a few examples of how using actionable intelligence can help you find your most at risk accounts:
1. The ability to compare access roles and peer groups: Deploying roles-based access controls (RBAC) is hard. A fully deployed RBAC program promises to deliver improved compliance, more efficient provisioning, and increased security posture for your organization. Adding intelligence allows you to have a visualization-first approach which allows role creators to make intelligent decisions about which entitlements should be included in a role, and which users should be assigned to this role.
2. Force re-certifications for privileged assets: Speaking of questionable access, wouldn’t it be nice if your system automatically enforced re-certification of privileged assets on your timeline? With an intelligent IAM solution, you can set the parameters and ensure that only the right people have the right access at the right time. This is great for seasonal employees, contractors or interns who have shorter employment cycles.
3. Notifications and alerts to suspicious activity: I know, more alerts, but again isn’t it easier to be automatically alerted to suspicious activity when it happens rather than months later during your audit? Often times, a bad actor will enter your system through a seemingly innocuous system or application. Something that everyone has access to so it doesn’t seem like anything out of the ordinary is happening until they move throughout your system gaining access rights as they go. With IIAM you will be alerted to this activity before it can escalate.
4. Where are your orphaned accounts? Do you have summer interns in your company? What about consultants or contractors? When they finish their project or their internship runs out, do you have a system in place for de-provisioning them? With a traditional IAM system, you should be able to see this. But what if you forget? What if the interns leave while you’re on vacation and no one remembers to shut off their access? With intelligence, you can see where your orphaned accounts lie at any time. You can report on who hasn’t used their access in 30 days or whatever amount makes sense for your company and you can do this with a visual map that easily shows where your privileged accounts are.
There are still things you need to do to protect your privileged accounts including continuing to build a culture of security in your organization and continuously monitoring your network for any inconsistencies, not just privileged accounts.
If you want to see what any of these solutions look like in real life, you can request a demo today and one of our solutions consultants will be happy to show you the products that will work best for your needs.