Privileges, Not Rights: Keeping Control with Privileged Access Management
Business has always run on personal connections. But for many years, it’s also been run on a host of network and data connections designed to provide both internal and external users with access to corporate systems and information that they need and want. On a daily basis, millions of workers use that access to do their jobs – and they take that access for granted, in large part because of the relative ease in accomplishing it. But there’s a facet to this access that should always be kept in mind, both by users of networks and the administrators charged with protecting those same networks and data: Access is a privilege and not a right.
We often see the dichotomy of privilege-versus-right show up in things like website terms of service: Violate the rules, and you can be blocked from further access. Revoking that kind of access privilege is fairly cut-and-dried, and can be witnessed, for example, on social media platforms and forums.
Access is a privilege, not a right.
Privileged Access Can Be Complicated
In the business world, however, access – and properly managing that access – is a much more complex issue. Different users will need differing levels of access to differing resources. Employees may need access to view certain reports in order to do their job, for example, while developers will need database privileges to write queries and admins will need privileges to manage the databases and servers themselves. In each case, granting the wrong level of privileged access to a user risks compliance, security, and other issues.
Controlling role-based privileged access, then, is important. But there are also access privileges that should be time-dependent, such as when an outside contractor needs access in order to do their contracted work. In such cases, it’s imperative that administrators be able to control both the privilege level of access as well as for how long that access is granted.
Privileged Access: A Simple Analogy
An analogy that’s removed from the complexities of a network architecture may be helpful in understanding the concepts involved:
Suppose you have a plumber coming to your house to work on your kitchen sink. Obviously, you will need to give them access to your house – and further, to your kitchen – for the time that they need to accomplish their work. While they are in your house, you’ll of course control their internal access: They can be in the kitchen, but they have no need to access the bedrooms, for example. And once they have finished their work, the privilege of accessing your house is removed – you won’t allow them to just come in whenever they desire.
It’s a simplistic example, to be sure, but it’s conceptually the same as providing and monitoring access to a corporate network. But for network and security administrators, there may be hundreds of workers to monitor, around the clock. Some of those workers will need to access the kitchen, as it were – but others will have a legitimate need to access other areas. Compounding the problem, some workers will try and get into areas where they shouldn’t be, whether out of curiosity or actual bad intent – and to compound the problem further, corporate networks will typically have many different points of access (front and side doors, as it were) that all need to be constantly monitored.
Privileged Access Management Needs Tools to Scale
Because of the high number of access points, and differing privileges which must be managed for different users, network security at scale is a task that no system administrator can accomplish on their own. Privileged Access Management (PAM) tools are designed to give administrators exactly the kinds of capabilities they need to secure multiple access points, both internal and external, while at the same time ensuring that users have the proper privileges they need.
While implementations vary, the best PAM tools reduce the burden on administrators across many fronts. On the access side, for example, they can funnel traffic to multiple servers and resources through a central portal, allowing for easy monitoring and validation of all privileged sessions flowing into and out of the network while reducing the threat of attack that’s inherent to distributed or unmonitored access points. At the same time, a strong PAM solution is also working to ensure that users are both properly authenticated and have the proper privileges to access the information and tools they’re seeking to use.
Adding Flexibility to Power: PAM Custom Rulesets
To do this, the PAM tool must have the ability for administrators to define custom rules for access control based not only on identity, but also on various circumstances such as time, location, originating IP address, and other factors. Administrators might grant contractors performing server maintenance access only from one to three in the morning on the day of their work, for example – and also control to which particular servers those contractors have access. Further, they might also want to ensure that remote access comes from legitimate locations. If the user attempts to violate any of these rules, the PAM tool has the capability to automatically terminate the session and thus deny the privileged access, avoiding potential malicious activity.
Finally, a strong PAM solution should provide granular session history. This is an important feature for securing a network, because it allows administrators, for example, to replay sessions and see what users did, and when, even down to the level of mouse clicks and command-line instructions. To return briefly to our example of the contractor doing server work, such granularity can be used to verify that the contractor did the work that they were supposed to do – and nothing else. In the case of suspected attacks or breaches, this kind of information is also invaluable: It provides not only for assessment of any potential damage or data theft but can also suggest ways for administrators to further improve their network security. And because access is indeed a privilege and not a right, such session history also provides the audit trail of user actions and access that’s necessary to ensure both internal and external regulatory compliance.
Granting Privileges, Not Conferring Rights
Ensuring the right users have the right access under the right circumstances to sensitive assets is both critical and complex. But the difficulty of the task should never convert this privilege into a right in the minds of either users or administrators – and proper privileged access management will go a long way towards ensuring that that never happens.