When you set up new users in cloud accounts and other company systems, one of the first steps is to decide what type of access that person will have. The access level determines what the user can see and do in a particular application or SaaS tool. Levels typically run from the most restricted up to one that can do anything in the account, including viewing and changing payment details. Each cloud solution defines its own user access levels, but some standard ones include:
- Account Owner: A privileged account that can access all settings, payment details, and information for all users
- Administrator: A privileged account that can generally add and remove users, change security settings, and do things like add platform customizations
- User: This is a standard account that is not considered privileged. The user can use the application, enter data, etc. according to the areas a privileged account grants them access to.
- Guest: A guest user will generally be restricted to a read-only role or given very limited use of a platform, but is not entering data into it every day like a user
One problem that many businesses have is that they don't keep track of the accounts with privileged, high-level access. They may not even have a policy dictating which job roles can be granted higher-level access to a given business tool; it may simply be left to an office manager's discretion.

This is a problem because privileged accounts are prime targets for cybercriminals. Industry reports have tied as many as 80% of data breaches to compromised privileged credentials. An attacker does far more damage logged in as an administrator than as a user or guest: they can add and remove users, change another user's access level, and alter security settings. They can therefore lock the real administrator out of the account and do as they like with the data and user information they find.

The fewer privileged accounts you have, the better, because each one is a potential path to a serious breach of the cloud account. That's why it's critical to regularly audit your privileged accounts to ensure you don't have more than you need and that the ones you keep are properly protected against account takeover.
How to Audit & Better Secure Privileged Accounts
Take an Inventory & Start a Log of Accounts
First, establish a baseline: how many privileged accounts exist in each of your cloud tools and who holds them. Create a spreadsheet or other record for each cloud tool, list every user account in it, and note each user's access level. Include any shared logins or service accounts, which are easy to overlook and often hold administrator rights. While you are there, also record each account's last sign-in date and whether MFA is enabled, since the following steps rely on both. The easiest place to get these lists is the user management section inside each application; many apps let you export the user list, which is far less error-prone than copying it by hand.
Close Accounts No Longer in Use
Look for any privileged accounts that are no longer in use. These may be accounts that someone forgot to close when an employee left the company, or accounts that an employee simply no longer uses in their workflow. Close these unused accounts. If the app keeps files or records attached to the account, disable it first and transfer ownership of that data before deleting it. This both reduces your cloud subscription costs and improves your account security.
Interview Privileged Account Owners and Adjust Privilege Levels Down Where Possible
For the remaining privileged account holders, interview the users to find out whether they really need that high-level access. If someone hasn't used any administrative capabilities in the last 6 months, they don't need privileged access all the time. Lower user privilege levels wherever you can to reduce your risk; where the app supports it, grant administrator rights temporarily for a specific task rather than permanently.
Enable MFA on All Privileged Accounts
One of the best protections you can put in place for a cloud account is multi-factor authentication (MFA). Microsoft has reported that MFA blocks the vast majority (around 99.9%) of automated account compromise attacks, even when the attacker already has the password. It should ideally be enabled for every user account, but it is essential for privileged ones. Where the app offers a choice, prefer an authenticator app or hardware security key over SMS codes, which are easier to intercept or redirect.
Put Policies in Place for Account Creation & Who Gets Higher-Level Credentials
To prevent privileged accounts from getting out of control in the future, put policies in place that state which job roles may hold higher-level access to each business app, under what circumstances it can be granted, who approves it, and that it is removed when the person changes role or leaves.
Audit Privileged Accounts Regularly
Once you've audited your privileged accounts and improved their security, keep them under control by repeating this same process regularly (at least once per year, and whenever an employee with privileged access leaves).
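The inventory, clean-up, privilege-reduction and MFA steps above can be run as one check over the user list exported from each app. The following Python script is an added example, not tooling from the original article or from Managed IT Asia. It assumes the export can be mapped to the columns email, role, last_sign_in (ISO date, blank if the account has never signed in) and mfa_enabled, that the role names in PRIVILEGED_ROLES are the app's privileged ones, and that the audit is run as of 2024-06-01; the sample export is constructed and contains no real accounts.

```python
"""Privileged-account audit over an exported SaaS user list.

Added example, not the article's own tooling. Assumes the app's export has
been mapped to the columns email, role, last_sign_in, mfa_enabled.
"""
from __future__ import annotations

import csv
import io
from dataclasses import dataclass
from datetime import date

# Role names treated as privileged (assumption: adjust to each app's own names).
PRIVILEGED_ROLES = {"account owner", "owner", "administrator", "admin"}
INACTIVE_DAYS = 180  # the article's "no admin use in the last 6 months"
AS_OF = date(2024, 6, 1)  # constructed audit date for the sample below

# Constructed sample export; none of these are real accounts.
SAMPLE_EXPORT = """email,role,last_sign_in,mfa_enabled
owner@example.com,Account Owner,2024-05-30,true
it.admin@example.com,Administrator,2024-05-28,true
former.staff@example.com,Administrator,2023-08-01,false
contractor@example.com,Admin,,true
office.mgr@example.com,Administrator,2024-04-02,false
alice@example.com,User,2024-05-30,true
guest.auditor@example.com,Guest,,false
"""


@dataclass(frozen=True)
class Account:
    email: str
    role: str
    last_sign_in: date | None  # None means the account has never signed in
    mfa_enabled: bool

    @property
    def privileged(self) -> bool:
        return self.role.strip().lower() in PRIVILEGED_ROLES


@dataclass(frozen=True)
class Finding:
    email: str
    severity: str  # "high" for privileged accounts, "low" for everything else
    issue: str


def parse_export(text: str) -> list[Account]:
    """Parse the CSV export into Account records, tolerating a blank last_sign_in."""
    accounts = []
    for row in csv.DictReader(io.StringIO(text)):
        raw_date = row["last_sign_in"].strip()
        accounts.append(Account(
            email=row["email"].strip().lower(),
            role=row["role"],
            last_sign_in=date.fromisoformat(raw_date) if raw_date else None,
            mfa_enabled=row["mfa_enabled"].strip().lower() in {"true", "yes", "1"},
        ))
    return accounts


def privileged_accounts(accounts: list[Account]) -> list[str]:
    """Step 1: the inventory of who holds a privileged role."""
    return [a.email for a in accounts if a.privileged]


def audit(accounts: list[Account], today: date) -> list[Finding]:
    """Steps 2-4: flag privileged accounts that are unused or lack MFA.

    Non-privileged accounts without MFA are reported too, at low severity,
    because the article recommends MFA for every account.
    """
    findings = []
    for a in accounts:
        if a.privileged:
            if a.last_sign_in is None:
                findings.append(Finding(a.email, "high",
                                        "privileged but never signed in: close it"))
            elif (today - a.last_sign_in).days > INACTIVE_DAYS:
                days = (today - a.last_sign_in).days
                findings.append(Finding(a.email, "high",
                                        f"privileged but unused for {days} days: close or downgrade"))
        if not a.mfa_enabled:
            findings.append(Finding(a.email, "high" if a.privileged else "low",
                                    "MFA not enabled"))
    return findings


if __name__ == "__main__":
    accts = parse_export(SAMPLE_EXPORT)
    print("privileged accounts:", privileged_accounts(accts))
    for f in audit(accts, AS_OF):
        print(f"[{f.severity}] {f.email}: {f.issue}")
```

Run it once per app export and keep the findings alongside the spreadsheet as the audit record. The 180-day threshold is the article's six months; tighten it for tools that hold sensitive data.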
Get Help With Access Security Solutions That Keep Your Cloud Environment Protected
Managed IT Asia can help your Singapore business better secure your cloud accounts and ensure you’re not at high risk of an account takeover. Contact us today to schedule your free consultation. Call +65 6748 8776 or reach us online.
MANAGED IT ASIA, we are an IT Support, IT Solutioning and Managed IT Service Provider specializing in serving Small Businesses across Asia. Call us at +65 6748 8776 and let us manage your Small Business IT today!