While no one could have anticipated the way in which COVID-19 would change the workforce over the last year, perhaps even more unexpected is the lasting impact the pandemic will have on remote work. With millions of employees still working from home, organizations are especially vulnerable because they lack visibility into the actual access levels employees possess across the collaboration tools and applications that make remote work possible.
The rush to get employees access so they could start working remotely may have unintentionally resulted in too much access for users, with no easy way for organizations to see and remediate that excessive access. Employees with excessive entitlements or inappropriate access levels may end up neglecting their accounts, leaving them open to potential breaches. Conversely, if employees are not given enough access to do their jobs, they may be seeking alternative ways to gain access to the tools, systems, and platforms they use every day.
The increased pressures of this rapidly expanded workforce have left IT teams, security professionals, and even managers largely in the dark about managing user access and permissions to enterprise collaboration tools like Microsoft Teams, SharePoint, Yammer, Slack, and others. With the variety of tools that make remote work feasible, it’s virtually impossible to know who has permissions to the groups, data, or files available within these applications. Plus, with remote employees accessing company assets and data on multiple devices, sometimes personal devices, it’s more important than ever to know who has access to what before unauthorized access occurs.
The Impact of Unauthorized Access
According to Cybersecurity Insider’s Identity and Access Management Report, within the last year, organizations have experienced many negative impacts from unauthorized access to sensitive data, applications, or systems. The most common impacts were disrupted business activities (23 percent), system downtime (22 percent), reduced employee productivity (17 percent), increased helpdesk time (17 percent), deployment of IT resources to triage and remediate issues (16 percent), reduced revenue (12 percent), and data loss (12 percent).
It’s clear that IT professionals, security teams, and application managers must understand where the greatest identity-related access risks exist before these blind spots do further damage with an expanded workforce. Knowing that working remotely is here to stay in some form or another, what can be done to tackle major access challenges across an expanded workforce? In this blog, we will examine some of the top access risks that your business must be aware of, especially in managing collaboration, and reveal how you can quickly identify and mitigate these risks in the era of COVID-19.
Mitigating Risks Requires Knowing Who and What Is Most Vulnerable
It's more important than ever to understand where your greatest security risks exist. Here are a few of the top access challenges you should be on the lookout for with an expanded remote workforce and in the collaboration tools you use every day:
- Rapidly Enabled Single Sign-On Access: The business need at the outset of the pandemic to quickly enable single sign-on (SSO) access to applications that were previously locked down in your internal network is a major security risk, especially if there were instances where access was not provisioned in a least-privilege manner. Quickly connecting to and reviewing this access may be time-critical in your organization.
- Privileged Accounts: These are elevated accounts that have access to valuable data and can execute any application, collaboration tool, or transaction, typically with inadequate or no tracking or control. Often, hundreds of privileged accounts can be found in organizations and can be used to do virtually anything, with little or no oversight, which leaves them with greater potential for exploitation or abuse.
- Abandoned Accounts: These are accounts that belong to employees, contractors, or contingent workers, but have been inactive for a long period of time. Abandoned accounts magnify risk and likely indicate that a process is lacking or broken where accounts would normally be disabled when no longer needed.
- Orphaned Accounts: These are accounts that are not associated with a valid business owner and do not have proper oversight. This means no one in the business is responsible for the account, and the account is overlooked when access reviews are scheduled. Many times, orphaned accounts were created ‘out of band’ by the collaboration tool owner or domain administrator, outside of the formal identity governance and administration process, and go unnoticed and are left orphaned if the owner departs the organization.
- Unused or Unnecessary Entitlements: These are systems, applications, or even permissions in collaboration tools that are not needed or used within an organization. Many companies or departments may not delete unused or unnecessary entitlements because they are afraid they might break something. When new tools are introduced, and older applications are retired, old security groups and entitlements are not typically cleaned up.
- Nested or Hidden Access: Many organizations look primarily at access that is directly assigned to employees, contractors, or contingent workers. But nested access, meaning access relationships stacked and hidden underneath the top tier of access, is often overlooked and not well understood, especially within collaboration tools. This happens because assigning one entitlement with nested access can actually create more access than anticipated and open the organization to more risk.
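As an added illustration (not part of the original post), the Python sketch below reviews a small constructed account inventory for three of the categories above: abandoned accounts, orphaned accounts, and nested access. The field names, the group names, the 90-day inactivity threshold, and the review date are all assumptions made for the example.

```python
from datetime import date

# Constructed sample data; every name, date and threshold here is an assumption.
TODAY = date(2021, 3, 1)
INACTIVE_DAYS = 90                        # inactivity cut-off for "abandoned"
ACTIVE_OWNERS = {"alice", "bob", "carol"}  # people currently in the HR system

ACCOUNTS = {
    "alice":   {"owner": "alice", "last_login": date(2021, 2, 26), "groups": ["Sales-Team"]},
    "carol":   {"owner": "carol", "last_login": date(2020, 9, 14), "groups": ["Sales-Team"]},
    "svc-bot": {"owner": "dave",  "last_login": date(2021, 2, 27), "groups": ["Bot-Users"]},
}

# group -> groups it is itself a member of (the nesting that hides access)
GROUP_PARENTS = {
    "Sales-Team": ["All-Staff"],
    "All-Staff": ["Finance-Readers"],
    "Bot-Users": ["Sales-Team"],
    "Finance-Readers": ["All-Staff"],  # deliberate cycle; real directories contain them
}

def effective_groups(direct):
    """Expand direct memberships through nested groups, tolerating cycles."""
    seen, stack = set(), list(direct)
    while stack:
        group = stack.pop()
        if group not in seen:
            seen.add(group)
            stack.extend(GROUP_PARENTS.get(group, []))
    return seen

def review(accounts):
    """Return {account: [flags]} for every account with at least one finding."""
    findings = {}
    for name, acct in accounts.items():
        flags = []
        if (TODAY - acct["last_login"]).days > INACTIVE_DAYS:
            flags.append("abandoned")
        if acct["owner"] not in ACTIVE_OWNERS:
            flags.append("orphaned")
        hidden = effective_groups(acct["groups"]) - set(acct["groups"])
        if hidden:
            flags.append("nested:" + ",".join(sorted(hidden)))
        if flags:
            findings[name] = flags
    return findings

if __name__ == "__main__":
    for account, flags in review(ACCOUNTS).items():
        print(account, flags)
```

Every account in the sample holds more group access than its direct assignment shows, which is the gap that a review limited to direct assignments misses.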
Identify and Evaluate Access Risks Across Your Enterprise Collaboration Tools
With your work-from-home population likely here to stay for a while, you need to identify who has access to what systems and whether inappropriate access exists to any of the applications and tools used on a regular basis. The right identity governance and administration strategies and programs can help you better enforce least-privilege access and tackle identity-related access risks in your business. Find out how comprehensive identity solutions can simplify identity and access management across your most widely used enterprise tools.