Breaking the Boundaries of Access Management: Exploring the Power of Privileged Accounts
Greetings, my fellow cybersecurity enthusiasts! It’s my pleasure to bring you yet another exciting piece of my journey in cybersecurity. In my last post, we discussed the principle of least privilege, but today we’re going to dive into another interesting concept: privileged accounts and more.
Privileged accounts are those accounts with permissions beyond those of normal users, such as managers and administrators. These accounts have elevated privileges and are used by different classes of users, including systems administrators, help desk or IT support staff, and security analysts.
As organizations often need to delegate the capability to manage and protect information assets to various managerial, supervisory, support, or leadership personnel with differing levels of authority and responsibility, delegation should be contingent upon trustworthiness. Misuse or abuse of privileged accounts could lead to harm for the organization and its stakeholders, which is why measures would be taken to moderate the potential for elevated risks from misuse or abuse of privileged accounts.
Some of these measures may include more extensive and detailed logging than regular user accounts, more stringent access control than regular user accounts, deeper trust verification than regular user accounts, and more auditing than regular user accounts.
All of these measures we’ve learnt together so far in this journey fall under “privileged access management”. Let’s delve into another part of “privileged access management”, which is “segregation of duties”.
A core element of authorization is the principle of segregation of duties (also known as separation of duties). Segregation of duties is based on the security practice that no one person should control a high-risk transaction from start to finish.
Furthermore, another interesting concept I was introduced to is the “two-person integrity”. The two-person rule is a security strategy that requires a minimum of two persons to be in an area together, making it impossible for a person to be in the area alone. This rule may help reduce insider threats to critical areas by requiring at least two individuals to be present at any time.
As I continue on this journey with you, I’m constantly learning new concepts and techniques and also sharing them to help secure organizations’ information assets. Join me on this exciting journey, and let’s continue to explore the fascinating world of cybersecurity together and please do not forget to leave a review. Thank you!