While no one could have anticipated the way in which COVID-19 would change the workforce over the last year, perhaps even more unexpected is the lasting impact the pandemic will have on remote work. With millions of employees still working from home, organizations are especially vulnerable because they lack visibility into the actual access levels employees possess across the collaboration tools and applications that make remote work possible.
The rush to get employees access so they could start working remotely may have unintentionally resulted in too much access for users—with no easy way for organizations to see and remediate that excessive access. Employees with excessive entitlements or inappropriate access levels may end up neglecting their accounts, leaving them open to potential breaches. Conversely, if employees are not given enough access to do their jobs, they may be seeking alternative ways to gain access to the tools, systems, and platforms they use every day.
The increased pressures of this rapidly expanded workforce have left IT teams, security professionals, and even managers largely in the dark about managing user access and permissions to enterprise collaboration tools like Microsoft Teams, SharePoint, Yammer, Slack, and others. With the variety of tools that make remote work feasible, it’s virtually impossible to know who has permissions to the groups, data, or files available within these applications. Plus, with remote employees accessing company assets and data on multiple devices, sometimes personal devices, it’s more important than ever to know who has access to what before unauthorized access occurs.
The Impact of Unauthorized Access
According to Cybersecurity Insider’s Identity and Access Management Report, within the last year, organizations have experienced many negative impacts from unauthorized access to sensitive data, applications, or systems. The most common impacts were disrupted business activities (23 percent), system downtime (22 percent), reduced employee productivity (17 percent), increased helpdesk time (17 percent), deployment of IT resources to triage and remediate issues (16 percent), reduced revenue (12 percent), and data loss (12 percent).
It’s clear that IT professionals, security teams, and application managers must understand where the greatest identity-related access risks exist before these blind spots do further damage with an expanded workforce. Knowing that working remotely is here to stay in some form or another, what can be done to tackle major access challenges across an expanded workforce? In this blog, we will examine some of the top access risks that your business must be aware of, especially in managing collaboration, and reveal how you can quickly identify and mitigate these risks in the era of COVID-19.
Mitigating Risks Requires Knowing Who and What Is Most Vulnerable
It's more important than ever to understand where your greatest security risks exist. Here are a few of the top access challenges you should be on the lookout for with an expanded remote workforce and in the collaboration tools you use every day:
- Rapidly Enabled Single Sign-On Access: The business need at the outset of the pandemic to quickly enable single sign-on (SSO) access to applications that were previously locked down in your internal network is a major security risk, especially if there were instances where access was not provisioned in a least-privileged manner. Quickly connecting to and reviewing this access may be time-critical in your organization.
- Privileged Accounts: These are elevated accounts that have access to valuable data and can execute any application, collaboration tool, or transaction, typically with inadequate or no tracking or control. Often, hundreds of privileged accounts can be found in organizations and can be used to do virtually anything, with little or no oversight, leaving them with greater potential for exploitation or abuse.
- Abandoned Accounts: These are accounts that belong to employees, contractors, or contingent workers, but have been inactive for a long period of time. Abandoned accounts magnify risk and likely indicate that a process is lacking or broken where accounts would normally be disabled when no longer needed.
- Orphaned Accounts: These are accounts not associated with a valid business owner and do not have proper oversight. This means no one in the business is responsible for the account and the account is overlooked when access reviews are scheduled. Many times, orphaned accounts were created ‘out of band’ by the collaboration tool owner or domain administrator, outside of the formal identity governance and administration process, and go unnoticed and are left orphaned if the owner departs the organization.
- Unused or Unnecessary Entitlements: These are systems, applications, or even permissions in collaboration tools that are not needed or used within an organization. Many companies or departments may not delete unused or unnecessary entitlements because they are afraid they might break something. When new tools are introduced, and older applications are retired, old security groups and entitlements are not typically cleaned up.
- Nested or Hidden Access: Many organizations look primarily at access that is directly assigned to employees, contractors, or contingent workers. But nested access, meaning access relationships stacked and hidden underneath the top tier of access, is often overlooked and not well understood, especially within collaboration tools. This happens because assigning one entitlement with nested access can actually create more access than anticipated and open the organization to more risk.
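As an added illustration of the nested-access item above (this is not code from the original article or from any product it mentions), the following Python example expands group nesting to show who effectively holds an entitlement and through which chain of groups. The group names, user names, and the "g:" prefix for groups are constructed assumptions standing in for an export from your directory or collaboration tool.

```python
from collections import deque

# Constructed sample data: group -> direct members.
# Names prefixed "g:" are nested groups, everything else is a user account.
GROUP_MEMBERS = {
    "g:finance-sharepoint-owners": ["alice", "g:finance-team"],
    "g:finance-team": ["bob", "g:finance-contractors"],
    "g:finance-contractors": ["carol", "g:finance-team"],  # deliberate cycle
    "g:all-staff": ["alice", "bob", "carol", "dave"],
}


def effective_members(group, members=GROUP_MEMBERS):
    """Map every user reachable from `group` to the shortest chain of
    groups that grants the access (breadth-first, so shallowest wins)."""
    result = {}
    seen = {group}
    queue = deque([(group, (group,))])
    while queue:
        current, path = queue.popleft()
        for member in members.get(current, []):
            if member.startswith("g:"):
                if member not in seen:  # guard against membership cycles
                    seen.add(member)
                    queue.append((member, path + (member,)))
            else:
                result.setdefault(member, path)
    return result


def hidden_access(group, members=GROUP_MEMBERS):
    """Users who hold the group's access only through nesting, i.e. the
    ones a review of direct assignments alone would miss."""
    direct = {m for m in members.get(group, []) if not m.startswith("g:")}
    return {user: path
            for user, path in effective_members(group, members).items()
            if user not in direct}


if __name__ == "__main__":
    for user, path in sorted(hidden_access("g:finance-sharepoint-owners").items()):
        print(f"{user}: inherited via {' -> '.join(path)}")
```

A review limited to direct assignments on the owners group would list only one account; the expansion surfaces the other two and records the inheritance path an access reviewer needs in order to decide where to break the chain.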
How to Quickly Identify and Evaluate Access Risks Across Enterprise Collaboration Tools
With your work-from-home population likely here to stay for a while, you need to quickly identify who has access to what systems and whether inappropriate access exists to any of the applications and tools used on a regular basis. Within the framework of an identity governance and administration program, here are three key ways you can start to do this in your own organization:
- Leveraging Intelligence to Reveal Hidden Access Risks: You can’t act upon what you don’t see. But knowing where to find your hidden access risks can be daunting. Start revealing critical access risks with actionable information and insights using the Core Access Risk Quick Scan. This intelligent solution allows you to conduct a scan of your environment to discover inappropriate access risks and establish a baseline for remediation specific to your most critical access risks.
- Employing a Smarter, More Accurate Way to Create Roles: One essential way to mitigate access risks is to quickly see common user entitlements and rapidly identify outliers. Core Role Designer offers a modern way of building roles, making it easy to see patterns of access that define roles and showing logical groupings of access across individual users. Plus, with Smart Roles in Role Designer, you can get automatically generated and prioritized lists of intelligently proposed roles, specifically tailored to your needs. It’s a whole new way to enforce least privilege access and adopt role-based access controls in your identity governance programs.
- Seeing What Access Looks Like Using a Visual Approach: One way to easily see how you can make informed decisions about who has access to what in your organization is to try the Visual Identity Suite with a free 14-day trial. You’ll be able to see common user entitlements using your own data across your most widely-used enterprise applications, including Microsoft Azure Active Directory, Amazon AWS, and Okta. Get up and running quickly to visualize access across your enterprise applications and use your own entitlement data directly in Core Role Designer or in Core Certify.
Ready to See What Access Looks Like Using an Intelligent, Visual-First Approach?
Try out the Visual Identity Suite today with a free 14-day trial and see how easy it is to intelligently mitigate identity-related access risks in your business.