Why Admin Rights Removal Is only the First Step towards Data Protection


When it comes to protecting data, removing admin rights is one of the most effective methods at an organisation’s disposal. Doing so minimises the likelihood that a successful attack on an individual’s account will be able to affect widespread system changes or install malware. 

But many organisations still overlook the fact that restricting user admin rights represents just one cog in the data protection machine. Risks can never be completely removed but, by complementing the removal of admin rights with additional security measures, businesses can go a long way towards reducing the impact of any attacks. 

More security means less privilege across the board

In 2017, our Microsoft Vulnerabilities Report showed that 80 per cent of all vulnerabilities in core applications, such as Word, Excel and PowerPoint, can be eliminated by restricting the number of individuals who hold admin rights within an organisation. 

Although it is a strong starting point, organisations must view this as a platform to build their data security on, rather than a silver bullet to end all concerns around potential attacks. For example, a default setup of user accounts that hold the lowest possible level of privilege needed for staff to carry out their roles can bolster security by:

  • Minimising the parameters of an attack: Attackers will only be able to access areas of a business related to that user's role, further reducing the type and amount of information they can access.  
  • Reducing the spread of malicious software: Should an account become compromised, embedded malware will only be able to disseminate across a small part of a network, again minimising an attacker’s impact. 
  • Reducing insider threat: Attacks can originate from inside an organisation through aggrieved employees. By creating an environment of least privilege, businesses can reduce these users’ access solely to the data and systems pertinent to their roles, again enhancing data protection. 
  • Increasing network stability: Unsolicited changes can be identified more quickly and easily when the scope of systems and files affected is reduced, giving organisations a timely advantage when it comes to resolving them.  

The advantages of least privilege adoption are seen most prominently when organisations are faced with a successful assault on their systems. In cases where attackers can breach a company's outer defences, the level of access they will be granted on the inside is significantly reduced. 

Although it is often only when an organisation suffers a successful assault on its systems that it is able to appreciate the benefits of this approach, being prepared for this situation is invaluable. Under least privilege adoption, attackers that breach a company’s outer defences will find that they are granted a significantly reduced level of access to its data and systems. 

Layering your security with application control

To better defend themselves against malicious attacks, organisations should be actively introducing application control.This important additional layer of security makes certain that unauthorised applications are unable to execute in a way that compromises the security of data. 

The process is managed through a process of whitelisting and blacklisting all applications, ensuring administrators have full visibility and control over their IT systems. The advantages of application control include gaining the ability to:  

  • Monitor and adjust applications within a network: Provides a clear and complete picture of all active and inactive applications and systems. 
  • Prevent unauthorised execution: Only authorised applications can execute. All executions that are not approved on a whitelist are automatically prevented from doing so. 
  • Better understand data traffic: Companies operating application control can more easily monitor the flow of data within their systems, providing details on users’ access requirements and activities.
  • Improve network stability: By limiting the extent to which changes can be made, administrators can promote greater stability and better mitigate adverse changes. 
  • Protection against known exploits: Vulnerabilities in unpatched operating systems and third-party applications can be reduced. 

By controlling applications in this way, businesses can reduce their vulnerability to attacks by gaining more control and visibility over the way in which their systems interconnect with applications. This provides greater visibility over the transfer of data throughout their organisation as a result.  

Those that are committed to developing stronger safeguards against cyber threats shouldn’t rely on just one method to keep their data safe. Instead, they should proactively combine methods to bolster the security setup of their business and reduce the risk of damaging data breaches as a result. 

About the author: Andrew has been a fundamental part of the Avecto story since its inception in 2008. As COO, Andrew is responsible for Avecto's end-to-end customer journey, leading the global consultancy divisions of pre-sales, post sales and training, as well as customer success, support and IT.

Copyright 2010 Respective Author at Infosec Island via Infosec Island Latest Articles "https://ift.tt/2x2BTbk"

Comments

Post a Comment

Popular posts from this blog

Evernote cuts staff as user growth stalls

Image
Note-taking app Evernote has fallen on hard times of late, culminating in its latest spate of job cuts impacting 15 percent of its workforce (54 employees). CEO Chris O' Neil -- an ex-Googler who took the reins in 2015 -- announced the firings at an all-hands meeting earlier today, reports TechCrunch . In a message on the Evernote blog , O' Neill admitted he'd set "incredibly aggressive goals" for the company in 2018. He continued: "Going forward, we are streamlining certain functions, like sales, so we can continue to speed up and scale others, like product development and engineering." The layoffs follow an exec exodus just weeks ago and the company's recent brand refresh (complete with a refined logo and wordmark). But critics are more concerned about its product, especially the free tier, which they claim lacks the perks to
Read more

The best air conditioner

Image
By Liam McCabe This post was done in partnership with Wirecutter . When readers choose to buy Wirecutter's independently chosen editorial picks, it may earn affiliate commissions that support its work. Read the full article here . After six summers of researching, testing, and recommending window air conditioners, we've learned that quiet and affordable ACs make most people the happiest—and we think the LG LW8016ER will fit the bill in most rooms. This 8,000 Btu unit cools as efficiently and effectively as any model with an equal Btu rating, and runs at a lower volume and deeper pitch than others at this price. Little extra features like a fresh-air vent, two-axis fan blades, and a removable drain plug help set it apart, too. The LG LW8016ER is a top choice for an office or den, and some people will find it quiet enough for a bedroom, too. If our main pic
Read more

We won't see a 'universal' vape oil cartridge anytime soon

Image
Pre-loaded cartridges of cannabis concentrate are currently among the most popular means of consumption, and for good reason. They're discreet to use and easy to handle, a far cry from the dark days of 2016 when we had to dribble hash oil or load wax into narrow-mouthed vape pens by hand. But, frustratingly, an ever increasing number of oil cartridge manufacturers employ one-off design standards so that their products won't work with those of their competitors, thereby locking customers into proprietary ecosystems. We've already seen this with nicotine vaporizers -- which has a seen a massive rise in "pod systems" in the last few years, each outfitted with a unique canister and battery built to be incompatible with those of their competition. Is it too late for the burgeoning cannabis industry to set a universal standard for their product designs?
Read more