One of the biggest data breaches of all time occurred not by a malicious external actor, but by IT contractor Edward Snowden, who was able to take privileged information from the National Security Agency (NSA). The fact that Snowden had access is not a unique problem for the NSA, according to a new study sponsored by security firm Vormetric.
"One of the big revelations in the survey is that 73 percent of respondents said they don't block privileged users from access to sensitive data," Vormetric CEO Allan Kessler told eWEEK.
The Vormetric-sponsored study was conducted by Enterprise Strategy Group and surveyed 700 IT security decision makers. Fifty-four percent of the survey respondents also indicated that it is now more difficult to protect against an insider threat than it was two years ago. There are several reasons for this, according to Kessler, among them being the growing use of cloud computing and virtualization. Contractors are also a particular challenge. Kessler noted that Snowden was a contractor and he had tremendous access to data.
"The fundamental problem is that the folks that have access to manage an internal system have incredible amounts of privileges," Kessler said.
He added that system administrators need to have privileged access to be able to manage servers and big data stores.
"However, very few organizations realize that they can keep privileged users from seeing data and still allow them to do their job," Kessler said.
The growing use of the cloud exacerbates the issue of privileged users. Kessler noted that when an enterprise puts its workloads in the cloud, those same privileged users can also see data and can potentially do damage.
Role-Based Access Control
The idea of role-based access control (RBAC) is one that has existed for decades in IT and still serves a core role in security information.