Today’s government IT professionals set rules to provide users with access rights, improving workflows while protecting agencies against threats. Unfortunately, the prevalence of mobile devices and cloud-based applications has made it increasingly difficult to establish those controls. This has led to security and compliance challenges, particularly surrounding identity and access management (IAM).
Mobile devices and cloud services have made it tougher for IT teams to get a handle on network activity. Employees are turning to many different applications—some of which may be considered unsanctioned “shadow IT” apps—and will often request access rights to get around what they consider security roadblocks.
These factors contribute to an increase in accidental or intentional insider threats that can pose significant risk for data loss. According to the 2018 SolarWinds federal cyber security report, careless or untrained insiders are the largest source of security threats for government agencies.
Here are three steps managers can take to gain better control of their agencies’ security postures without impeding their colleagues’ workflows.
Audit who has access and what they’re accessing. Automated monitoring can help teams gain a good perspective on which applications are being used and who’s using them.
Managers can start by scanning their Active Directory and file servers to analyze user access to systems, files, and data to identify unknown users and users who may no longer work for the agency.
Set up role-specific templates aligned with security policies and enforce a policy of least privilege. Inevitably, users will get promoted, move to different teams, and increase their responsibilities. In anticipation of these events, IT managers should incorporate an overall policy of least privilege enforceable on a case-by-case basis. Providing access privileges for only what’s necessary can go a long way toward keeping things under control.
Shine a light on shadow IT. It’s not just users IT needs to worry about; it’s also the applications they’re using. Monitoring can also shine a light on the applications users might be accessing without knowledge of the IT department. Applications posing risks can be disallowed, while those deemed safe can continue to work yet be closely monitored to ensure they remain secure.
Shining a light on all the applications in use can offer a clear understanding of what’s going on, so they can better secure their networks. This is particularly important for file-sharing services that could increase the risk of data loss.
Avoiding Unwanted Friction and Preserving Productivity
Managers can be forgiven for wanting to block wide swaths of applications, users, and devices, but it’s not a practical approach—it can lead to unwanted friction between government employees and IT staff and undermine agencies’ ability to take advantage of the many benefits provided by cloud-based applications.
Creating a solid IAM program is a much better option. It ensures the right users have the right access to the right applications without compromising security. That’s a win-win for everyone.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community.
More than 150,000 members are here to solve problems, share technology and best practices, and directly
contribute to our product development process.
Learn more today by joining now.