Why do so many businesses allow unfettered access to their networks? You\u2019d be shocked by how often it happens. The truth is: your employees don\u2019t need unrestricted access to all parts of our business. This is why the Principle of Least Privilege (POLP) is one of the most important, if overlooked, aspects of a data security plan. <\/p>\n\n\n\n
When we say \u201cleast privilege\u201d, what we actually mean is \u201cappropriate privilege\u201d, or need-to-know. Basically, this kind of approach assigns zero access by default, and then allows entry as needed. (This is pretty much the opposite of what many of us are taught about network access.) But by embracing this principle, you ensure that network access remains strictly controlled, even as people join the company, move into new roles, leave, etc. Obviously, you want employees to be able to do their jobs; but, by limiting initial access, you can minimize the risk of an internal breach.<\/p>\n\n\n\n
If you haven\u2019t already, now is the perfect time to take a look at your network access policies. After all, it\u2019s about protecting your business and customers\u2014not to mention your reputation.<\/p>\n\n\n\n
Listen to\u00a0the podcast: Episode 6 | Shoring Up Your Network Security with Strong Policies\u00a0to learn more about implementing the Principle of Least Privilege and other network security best practices.<\/a><\/strong><\/p>\n\n\n\n It\u2019s no surprise that employees enjoy taking liberties at the workplace. In fact, Microsoft reports<\/a> that 67% of users utilize their own devices at work. Consequently, they may push back on POLP policies because it means giving up some freedom, like installing personal software on work computers, using their BYOD in an unauthorized fashion, or having unlimited usage of non-essential applications.<\/p>\n\n\n\n Ultimately, you need to prepare for hard conversations. For example, you\u2019ll have to explain that the goal of Principle of Least Privilege is to provide a more secure workplace for everyone. It\u2019s not a reflection on who your employees are or even their seniority; it\u2019s about security<\/em>. So, it\u2019s essential for you, the MSP or IT leader, to initiate the dialogue around access control\u2013\u2013often and early. And, at the end of the day, it\u2019s your responsibility to implement POLP policies that protect your network.<\/p>\n\n\n\n There\u2019s a common misconception in cybersecurity that the firewall and\/or antivirus is all you need to stop all network threats. But they don\u2019t protect against internal threats, such as phishing or data theft. This is where access policies are necessary to fill in the gaps.<\/p>\n\n\n\n Here\u2019s a prime example: let\u2019s say you have an employee whose job is data entry and they only need access to a few specific databases. If malware infects that employee\u2019s computer or they click a phishing link, the attack is limited to those database entries. However, if that employee has root access privileges, the infection can quickly spread across all your systems.<\/p>\n\n\n\n Cyberattacks like phishing<\/a>, ransomware<\/a>, and botnets<\/a> are all designed to circumvent firewalls. By following an appropriate privilege model, you can limit the number of people who can bypass your firewall and exploit security gaps in your network.<\/p>\n\n\n\n When it comes to implementing POLP in your business, here are some tips for getting started:<\/p>\n\n\n\n Why do so many businesses allow unfettered access to their networks? You\u2019d be shocked by how often it happens. The truth is: your employees don\u2019t need unrestricted access to all parts of our business. This is why the Principle of Least Privilege (POLP) is one of the most important, if overlooked, aspects of a data […]<\/p>\n","protected":false},"author":165,"featured_media":29419,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3005],"tags":[],"yst_prominent_words":[],"acf":[],"_links":{"self":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29417"}],"collection":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/users\/165"}],"replies":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/comments?post=29417"}],"version-history":[{"count":1,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29417\/revisions"}],"predecessor-version":[{"id":29421,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29417\/revisions\/29421"}],"wp:featuredmedia":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media\/29419"}],"wp:attachment":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media?parent=29417"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/categories?post=29417"},{"taxonomy":"post_tag","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/tags?post=29417"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/yst_prominent_words?post=29417"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Navigating the difficult conversations around access control<\/h2>\n\n\n\n
Firewalls and antivirus aren\u2019t enough <\/h2>\n\n\n\n
Tips to achieve least privilege<\/h2>\n\n\n\n