
ISO 27001 Control 8.2: Privileged Access Rights

Alan Parker

Ensuring Authorised Use of Elevated Permissions


Introduction

Privileged access rights grant users and processes the ability to perform actions beyond those of standard accounts. If not carefully managed, these elevated permissions can introduce significant security risks. A proactive approach to allocating, monitoring, and reviewing privileged access is essential to maintaining confidentiality, integrity, and availability within an organisation.


Purpose

The primary objective of managing privileged access rights is to ensure that only authorised users, software components, and services are granted elevated permissions, and only for the duration required by their roles. By doing so, organisations can minimise potential misuse of privileges and reduce the likelihood of security incidents.


Key Principles of Privileged Access Management

  1. Authorisation Process

    • Establish clear policies and workflows for granting privileged access. Refer to the organisation’s access control policy (see Section 5.15) to align with broader security requirements.

    • Require appropriate approvals before assigning or modifying privileged permissions.

  2. Minimum Necessary Privileges

    • Assign privileges based on the minimum requirement for an individual’s functional role.

    • Review responsibilities, skill sets, and operational needs to avoid unnecessary or excessively broad access.

  3. Event-by-Event Access

    • Provide privileged access rights only when necessary (e.g., for critical changes or maintenance activities).

    • Where feasible, use ‘break-glass’ procedures or privileged access management tools to manage short-term or urgent access needs.

  4. Accountability and Traceability

    • Maintain a detailed record of all privileged accounts and their assigned permissions.

    • Log privileged activities for auditing purposes. This enables quick detection and investigation of suspicious actions.

  5. Review and Revocation

    • Conduct periodic reviews of privileged access assignments, particularly after organisational or role changes (see Section 5.18).

    • Enforce expiry dates or re-authorisation requirements for privileged accounts.

  6. Elevated Authentication Requirements

    • Apply stronger authentication measures (e.g., multi-factor authentication) for privileged accounts.

    • Require re-authentication or step-up authentication before performing tasks that require elevated privileges.

  7. Single-Purpose Usage

    • Use privileged identities exclusively for administrative tasks, not for everyday functions like reading email or browsing the web. Provide separate standard accounts for routine activities.

    • Avoid generic administrator or ‘root’ accounts. If system constraints require them, secure them carefully and manage their authentication information to prevent unauthorised use.

  8. Unique Identifiers

    • Assign each user a separate identity for privileged access, preventing shared accounts among multiple administrators.

    • Group accounts in administrator groups where necessary, but retain the ability to distinguish individuals for auditing and accountability.

  9. User Awareness

    • Ensure users with privileged access are fully aware of their heightened responsibilities and the potential impacts of misuse.

    • Employ interface cues (e.g., distinct user interfaces, notifications) or dedicated devices to remind users they are in privileged mode.
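One way to turn the authorisation, review and revocation, elevated authentication and unique identifier principles above (1, 5, 6 and 8) into a repeatable review over a recorded inventory of privileged grants. This is an added example, not code from the original post; the inventory fields, the sample grants and the 90-day review interval are assumptions.

```python
"""Periodic privileged access review over a constructed grant inventory."""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional


@dataclass
class PrivilegedGrant:
    account: str                    # privileged identity (assumed field names)
    owner: Optional[str]            # named individual accountable; None = shared/generic
    role: str                       # e.g. "domain-admin"
    approved_by: Optional[str]      # recorded approver (principle 1)
    expires: Optional[date]         # re-authorisation deadline (principle 5)
    mfa: bool                       # stronger authentication applied (principle 6)
    last_reviewed: Optional[date]   # date of last access review (principle 5)


def review_grants(grants: List[PrivilegedGrant], today: date,
                  review_days: int = 90) -> Dict[str, List[str]]:
    """Return, per account, the findings that require action (empty list = clean)."""
    findings: Dict[str, List[str]] = {}
    for g in grants:
        issues: List[str] = []
        if g.approved_by is None:
            issues.append("no recorded approval (principle 1)")
        if g.owner is None:
            issues.append("shared or generic account (principle 8)")
        if g.expires is None:
            issues.append("no expiry or re-authorisation date (principle 5)")
        elif g.expires < today:
            issues.append("expired grant: revoke (principle 5)")
        if not g.mfa:
            issues.append("no multi-factor authentication (principle 6)")
        if g.last_reviewed is None or (today - g.last_reviewed).days > review_days:
            issues.append("review overdue (principle 5)")
        findings[g.account] = issues
    return findings


# Constructed sample inventory; the names and dates are made up for illustration.
SAMPLE_GRANTS = [
    PrivilegedGrant("adm-jsmith", "J. Smith", "domain-admin", "CISO",
                    date(2025, 9, 30), True, date(2025, 6, 1)),
    PrivilegedGrant("root-shared", None, "root", "CISO", None, False, None),
    PrivilegedGrant("adm-kwong", "K. Wong", "db-admin", None,
                    date(2025, 3, 1), True, date(2025, 1, 10)),
]
REVIEW_DATE = date(2025, 6, 15)

if __name__ == "__main__":
    for account, issues in review_grants(SAMPLE_GRANTS, REVIEW_DATE).items():
        print(account, "->", "; ".join(issues) or "no findings")
```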


Key Concepts and Domains

  • Control Type: Preventive

  • Security Properties: Confidentiality, Integrity, Availability

  • Cybersecurity Concepts: Protection

  • Operational Capabilities: Identity and Access Management


Conclusion

Effective privileged access management involves meticulously controlling who can perform highly sensitive or critical actions within an organisation’s environment. By implementing strong authorisation processes, assigning the minimum necessary privileges, and maintaining thorough oversight, organisations can significantly reduce the risk of breaches stemming from misuse of elevated permissions.


A structured approach to privileged access management aligns with best practices and regulatory requirements, ensuring that security remains robust even as systems and roles evolve.



About the author

Alan Parker is an IT consultant and project manager who specialises in IT governance, process implementation, and project delivery. With over 30 years of experience in the industry, Alan believes that simplifying complex challenges and avoiding pitfalls are key to successful IT management. He has led various IT teams and projects across multiple organisations, continually honing his expertise in ITIL and PRINCE2 methodologies. Alan holds a degree in Information Systems and has been recognised for his ability to deliver reliable and effective IT solutions. He lives in Berkshire, UK, with his family.
