Two Sides of the Same Coin: Providing Access While

                                       Protecting Against Threats



                            By David McNeely, chief technology officer, ThycoticCentrify


            In any organization, the duality of granting necessary IT or security team administrative access while
            trying to also protect against malicious threats creates an inherent tension for the security minded. How
            can you accomplish secure access for authorized IT staff while also keeping out the mischief makers
            who want to steal your data?

            Instead of granting an IT administrator unfettered access, best practices demand that all user access be
            routed through a reliable, untainted source. To maintain security, admins can record user activities or, at
            minimum, monitor them to detect suspicious activities.

            If we flip the conversation – or the coin, in this case – security teams can also consider the best practice
            of granting least privilege or least access. Organizations may find that an administrator needs access
            with a local admin account, but this is rare. To perform their responsibilities, access is granted to admins
            using a unique account assigned to them with specific privileges.

            Access for IT staff also needs to be easy, to ensure operational efficiency without bypassing security
            controls. Given the right tools, there are a range of choices that can simplify access while also increasing
            much-needed security. Some things for organizations to consider are choosing a native or web browser






            Cyber Defense eMagazine – June 2021 Edition                                                                                                                                                                                                105
            Copyright © 2021, Cyber Defense Magazine.  All rights reserved worldwide.