Page 105 - Cyber Defense eMagazine forJune 2021
P. 105
Two Sides of the Same Coin: Providing Access While
Protecting Against Threats
By David McNeely, chief technology officer, ThycoticCentrify
In any organization, the duality of granting necessary IT or security team administrative access while
trying to also protect against malicious threats creates an inherent tension for the security minded. How
can you accomplish secure access for authorized IT staff while also keeping out the mischief makers
who want to steal your data?
Instead of granting an IT administrator unfettered access, best practices demand that all user access be
routed through a reliable, untainted source. To maintain security, admins can record user activities or, at
minimum, monitor them to detect suspicious activities.
If we flip the conversation – or the coin, in this case – security teams can also consider the best practice
of granting least privilege or least access. Organizations may find that an administrator needs access
with a local admin account, but this is rare. To perform their responsibilities, access is granted to admins
using a unique account assigned to them with specific privileges.
Access for IT staff also needs to be easy, to ensure operational efficiency without bypassing security
controls. Given the right tools, there are a range of choices that can simplify access while also increasing
much-needed security. Some things for organizations to consider are choosing a native or web browser
Cyber Defense eMagazine – June 2021 Edition 105
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.