By Amos Aesoph – CSO, Xigent Solutions
Think about all of the data on your network. Now, think about the number of employees who have access it. Can you say with certainty which employees have access to key files or administrative accounts? If you're feeling overwhelmed, you're not alone.
Many businesses struggle with managing user restrictions. But failing to address this critical component of cybersecurity can put your organization at risk. It's hard to imagine that a trusted employee could be an attacker, but it happens. According to a 2018 survey of cybersecurity professionals , 53 percent of respondents confirmed insider attacks against their organization in the previous 12 months.
Here are two questions to ask when thinking about user restrictions:
Who has access to what files?
File permissions specify who can access a file and what they can do with it (e.g., read-only, edit, delete). And it's important to understand how these are configured on your network. Just like you wouldn't hand out your facility keys to any employee, you should make sure your files are in the right hands.
Which file permissions need to change?
Say, for instance, that an employee in your payroll department accepts a new position in your finance department. Will this employee still have access to payroll files, or will you alter the file permissions? And when will you make the change? This can be complicated if the employee is training the payroll successor or if there's any overlap in the transition, which is why having a policy around file permissions can help.
Explore your options for an automated solution.
Unfortunately, most company networks do not have default mechanism that gives you a 30,000-foot view of your file permissions. Thankfully there is software that does. These solutions work by scanning your network to record file permissions by employee name or file folder. Then, the software condenses the results into an easy-to-read report. These reports can identify not only file permissions but also the location of important and stale data, the latter of which can eat up valuable storage space. Certain solutions can even alert you if a file is nefariously moved from one folder to another.
To learn more about automatically managing your organization's user restrictions, please give us a call.