Jul 21 2020
When People (Including IT Admins) are a Gaping Hole in Your Security Perimeter
When most hackers break in, they root around, but have limited access due to lack of privileges. But what if the cybercriminal had the same rights as the CIO? Devastating, right?
More and more those high-level privileges are exactly what the bad guys are after. They pine for your admin rights.
The rise in credential cracking and privilege attacks demonstrate that we must treat IDENTITY as a PRIMARY SECURITY PERIMETER. This is a much-needed shift from the traditional focus on network security. Network perimeters keep getting more porous, and that perimeter defense cannot be as effective as it was before the explosion of BYOD devices and cloud applications.
RBAC Keeps Insiders in Check
Both types of attacks exploit the risk of granting too many global privileges. In fact, CoreView has rewritten the rules for RBAC in the Office 365 world. The new best practice is to segregate duties within your team and grant only the amount of access to users that they need to perform their jobs. Instead of giving everybody unrestricted permissions in your Office 365 tenant, allow only certain actions at a particular scope.
There are other identity management issues, many of which were settled in the on-premises world, but have to be readdressed in the world of SaaS and hybrid networks.
Talk to CoreView
If your future involves the Cloud and SaaS, you really should talk to CoreView. We offer delegated administration and role-based access control built for your network today – and tomorrow. Our user provisioning and lifecycle management of identities are built for modern cloud and hybrid environments.
While we serve your user management and identity needs, we go far further. There is so much we do that Azure AD doesn’t – such as finding malicious log-in attempts, sign-ins from infected devices or from out of the norm geographies. We also track end user activities relative to Azure, and provide rich auditing and reporting.
That is the tip of the CoreView end user and identity management iceberg. At the same time, CoreView offers deep Office 365 management, security and helps your end users more fully adopt O365 services.
Protect Your O365 Tenant With CoreView
Get your O365 security profile FREE with our new CoreDiscovery solution. You can get your free software now at the CoreDiscovery sign up page: https://www.coreview.com/core-discovery-sign-up/. Or sign up for a personalized CoreView demo
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.