Admin Privileges: Your Top Cybersecurity Risk
Do you know who in your organization has administrator privileges and who doesn’t? Managing administrator privileges is a critical part of effective cybersecurity.
Pop quiz: who is considered an administrator in your business’s IT?
The answer, if you don’t know it, may surprise you.
Often, administrator privileges are given to anyone and everyone. By default, it’s considered the simplest way to set up new user accounts, as it ensures they can access everything they need without bothering a superior or contacting the IT team.
You may not realize that this is a serious threat to your cybersecurity.
What Are Administrator Privileges?
At their most basic, administrator privileges give users the ability to make major changes to a system, typically an operating system. They can access any and all files, change other users’ access rights, install new programs, disable security features, and more.
Are you starting to see why not everyone should have administrator privileges?
The Danger Of Over-Shared Administrator Privileges
The fact is that misuse of privilege is one of the most common ways for cybercriminals to penetrate a network.
Hackers regularly take advantage of this highly common unsafe business practice by tricking a user with administrative privileges into downloading and running malware, or by elevating privileges on a compromised non-admin account.
How To Effectively Manage Administrator Privileges
Limit Provision Of Administrator Privileges
Make sure to limit administrative privileges to those who require them.
The fact is that the common business user should not require administrative privileges to do their job—whether that’s for installing software, printing, using common programs, etc.
Track And Manage User Accounts
You need to have a carefully implemented process to track the lifecycle of accounts on your network:
- Follow a careful process for how accounts are created for new members, how their security is maintained and verified throughout their life, and how they are removed when no longer needed.
- Implement secure configuration settings (complex passwords, MFA, etc.) for all accounts.
- Implement controls for login and use, such as lockouts for too many unsuccessful logins, unsuccessful login alerts, and automatic log-off after a period of inactivity.
Maintain A Strict Password Policy
Weak passwords are a common vulnerability exploited by cybercriminals. That’s why it’s so common that passwords are required to include uppercase letters, lowercase letters, numbers, and special characters.
However, recent guidance from the National Institute of Standards and Technology (NIST) advises that password length is much more beneficial than complexity. Instead of a password, consider using a passphrase, in which you combine multiple words into one long string of characters. The extra length of a passphrase makes it harder to crack.
Protect Admin Accounts
Once you’ve limited privileges to only a few members of the organization, make sure their accounts have the right protections in place: use complex, long passwords and multi-factor authentication, configure alerts for unsuccessful log-ins, and limit administrative actions to devices that are air-gapped from unnecessary aspects of your network.
Again, this control examines how different parts of your infrastructure are accessible by one another. The fact is that cybercriminals often gain access to sensitive data by first breaking into a much less critical part of the network. If those two parts were properly segmented via a DMZ, firewall, etc., they wouldn’t be able to.
Classify & Track Your Data
Simply classify your data for easy organization:
- Level 1: Data for public consumption. Data that may be freely disclosed.
- Level 2: Internal data not for public disclosure.
- Level 3: Sensitive internal data that could affect the company if disclosed.
- Level 4: Highly sensitive corporate, employee, and customer data.
Maintain an inventory of who has access to which levels of data and audit why that is necessary for the function of their role in the organization. Also, keep track of “stale data”—that is, data that hasn’t been accessed in some time. It should be archived and removed from your systems.
Don’t Give Administrator Privileges To Those Who Don’t Need It
The reality is that most of your staff members don’t need administrator privileges to do their jobs. Giving them to all users by default is simply an unnecessary security risk.
Make sure to audit your users and double-check that everyone has the “least privilege”; any given user should only have the degree of access required to do their job.
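The audit described above, together with the account checks from "Track And Manage User Accounts" and "Protect Admin Accounts", can be run against an exported account inventory. This is an added example, not code from the original article; the CSV columns, the approved-admin list, and the 90-day inactivity threshold are assumptions made for illustration.

```python
import csv
import io
from datetime import date

# Constructed sample export. The column names are assumptions for this
# example, not the format of any particular directory product.
INVENTORY_CSV = """username,is_admin,mfa_enabled,last_login
alice,yes,yes,2024-05-28
bob,yes,no,2024-05-30
carol,no,yes,2024-05-29
dave,yes,yes,2023-11-02
erin,no,no,2024-01-15
"""

# Hypothetical list of people whose role actually requires admin rights.
APPROVED_ADMINS = {"alice", "bob"}
STALE_AFTER_DAYS = 90  # assumed inactivity threshold; set it per your policy


def audit_accounts(csv_text, approved_admins, today,
                   stale_after_days=STALE_AFTER_DAYS):
    """Return a sorted list of (username, finding) tuples."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        user = row["username"].strip().lower()
        is_admin = row["is_admin"].strip().lower() == "yes"
        has_mfa = row["mfa_enabled"].strip().lower() == "yes"
        last_login = date.fromisoformat(row["last_login"].strip())
        idle_days = (today - last_login).days

        # Least privilege: admin rights must be justified by an approved role.
        if is_admin and user not in approved_admins:
            findings.append((user, "admin rights not on the approved list"))
        # MFA is expected on every account; a gap on an admin is more urgent.
        if not has_mfa:
            label = "admin account without MFA" if is_admin else "account without MFA"
            findings.append((user, label))
        # Lifecycle: accounts nobody uses should be reviewed and removed.
        if idle_days > stale_after_days:
            findings.append((user, f"no login for {idle_days} days"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in audit_accounts(INVENTORY_CSV, APPROVED_ADMINS, date(2024, 6, 1)):
        print(f"{user}: {finding}")
```

Passing the review date in as a parameter keeps the report reproducible, so the same export always yields the same findings.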