04 Sep 2018
3 Times You Need to Follow the Principle of Least Privilege
When every part of the office involves a computer, every part of the office needs cybersecurity. Everything from the doors to light bulbs in your building is becoming computerized, so you need to have a plan for disasters that could come from any device. One of the best ways to deal with problems is to have systems in place that minimize the risk, and the principle of least privilege is an important part of that.
What is the principle of least privilege?
The principle of least privilege (POLP) is the practice of giving each user the minimal access that they need to get their jobs done. If users only need to access information, give them read-only access. If users need to make edits, you can give them writing access but not administrator access.
It can be hard to keep the principle in mind, so check these three systems to ensure they're observing POLP:
1. Your access control system.
Badges and key fobs are designed to keep visitors and everyone but authorized employees out. But access control systems can also give different tiers of access within the office. Protect the executive offices by only letting their owners and the office manager open the door. Have limited access to the server room and file rooms with only certain users keyed in instead of a physical key.
2. Your CRM.
Almost everyone in the office needs to be able to add and change data within your CRM. But some functions and approvals should be withheld for key actors only. Not only does this guarantee that novice users aren't altering the workflows, it helps streamline the approvals process.
3. Your network devices.
Your network devices are probably already protected under the principle of least privilege. But what you need to check is that the employees with administrator access are still employed at the company and that there are multiple administrators. It's easy to forget about a separate chain of access until long after someone's credential have been removed, and that means you're frozen in the event of an emergency.
Give our team a call today, for more cybersecurity and IT tips.