IT privileges and temptation...
Kelly Jackson Higgins, Dark Reading:
The users with the organization's highest and most powerful privileges are also the most likely to use their access to snoop around the network for confidential information.
A new survey from Cyber-Ark Software found that 28 percent of IT managers in North America have snooped, and 44 percent of those in Europe, the Middle East, and Africa have done so, too. Around 20 percent of respondents in North America and 31 percent in EMEA say one or more of their co-workers have used administrative privileges to reach confidential or sensitive information.
And one-fourth organizations worldwide are not monitoring the use of privileged accounts at all.
This is a complex problem without an easy solution. Ultimately, we always have to trust someone to do the administration and operation of applications, databases, systems and communications infrastructure. And in this trust lies the problem.
There are solutions to protect data with encryption that can, to some extent, limit access to most people, including those who are responsible for IT operations. It is relatively simple to adopt encryption solutions to protect email and files that reside in our disks. We can even use encryption mechanisms to protect data in transit over networks. However...
However, when it comes to databases, well, things are more complicated. Difficult, indeed. I won't go into technical details in this note but, believe me, encrypting tables or fields for each user (or a set of users) is not simple. In addition, the risk of losing information if the keys are lost, this risk, is not zero (we can mitigate it with key recovery processes, it's true, but this will add complexity and another attack vector).
And a significant part of the gold is... in the databases, of course.
What to do then? In my opinion, what can be done – that doesn't solve the problem entirely but limits it – is to turn on the logging of data access and execution of relevant operations, on the one hand, and, on the other hand, to ensure that there is an active monitoring process of these logs, undertaken by independent teams.
In addition to this monitoring, there isn't much we can do that is, simultaneously, effective and has an acceptable cost.
Do you have other ideas on this subject? Share them with us here, please (!)