The shift to cloud computing has brought many benefits for organizations. One problem that has emerged from it, however, is a large increase in excessive permissions: identities holding privileges they do not need and never use. Excessive permissions are a major cause of misconfigurations and leave businesses more exposed to damaging cyber-attacks. A notable example is last year's breach at Capital One, an incident in which excessive permissions magnified the scale of the damage. With this topic in mind, Infosecurity recently spoke to Balaji Parimi, founder and CEO of CloudKnox Security, to better understand the causes of excessive permissions and how businesses can control and prevent them.
Parimi believes the underlying cause of excessive permissions is an assumption-based approach to provisioning, in which permissions are granted generously out of convenience rather than from evidence of what an identity actually needs. "When it is based on assumptions, almost everybody errs on the side of provisioning because they don't want to hear 'it's not working,'" he noted. The issue is worse in cloud environments, where a single administrative identity can control compute, storage and networking across the whole organization; in a traditional Windows environment, by contrast, a local administrator's permissions stop at a single machine.
Parimi continued: “Once you’ve provisioned it, how do you figure out whether you over-provisioned? Somebody has to go back and review, and it’s very hard to do that review.”
With many organizations moving to a multi-cloud environment, working out by hand which permission levels each user should have is becoming ever more complicated and impractical. "Even getting basic visibility of who can do what across all these different cloud infrastructures requires an expert in each of the examples, because they are complex and completely different," observed Parimi.
Yet the problem of excessive permissions in cloud infrastructure, which has built up in many organizations over the last 15 years, can no longer be ignored. The Capital One case demonstrated how much more damaging a breach can become as a result. "In the case of Capital One, a hacker got into a machine and once they got in, they were able to use a one-line command to download those half-million plus records," said Parimi. "If that machine didn't have those excessive permissions, he wouldn't have had that ability. You're opening up a lot more risk when you provide excessive permissions for whatever identity it is, human or non-human."
The cybersecurity imperative of scaling back permissions is now dawning on many companies, but achieving it is not a simple endeavor. The first stage, according to Parimi, is to move from an assumption-based approach to one in which permission levels are decided from data: which permissions each identity holds, and which of them it actually exercises. Establishing that visibility across the organization, for human and non-human identities alike, is therefore the critical first step in reducing permission levels, but doing so manually is rarely practical.
It is this problem that inspired Parimi to set up CloudKnox in 2016, where he and his colleagues have built a platform that continuously creates, monitors and enforces least-privilege policies across companies' cloud infrastructures. "We look at all actions; which identities are allowed to perform those actions, which identities actually use those resources, what actions are allowed on those resources, what actions have actually been performed and which users can get to these resources," he explained.
He added that this monitoring must be continuous, even hourly, because permissions and usage both change over time. CloudKnox has also established a 'Privilege Creep Index', which scores the relative risk associated with each unique identity and shows where action needs to be taken.
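The data-driven review Parimi describes, comparing what each identity is allowed to do with what it has actually done over a look-back window, can be demonstrated in a few dozen lines. The following is an added example written for this article; it is not CloudKnox code and not something Parimi showed. It assumes two inputs that any cloud account already produces: the actions granted to each identity (as parsed from IAM policy statements, with AWS-style wildcards such as `s3:*`) and an audit log of the actions each identity actually called, with timestamps. The sample policies and log events are constructed, and the creep index computed here is a simple ratio of my own (the share of grants that are either never used or wildcards used for only a few concrete actions), not the vendor's proprietary Privilege Creep Index.

```python
"""Right-size cloud permissions from observed activity (added example).

Not CloudKnox code and not from the interview. Assumes two inputs a cloud
account already produces: the actions each identity is *granted* (parsed from
IAM policy statements) and the actions it *actually called* (from a
CloudTrail-style audit log). The creep index below is a simple ratio of my
own, not the vendor's Privilege Creep Index.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from fnmatch import fnmatchcase

# ---- Constructed sample input; not real policies or log data --------------
GRANTED = {  # identity -> granted actions, AWS-style wildcards allowed
    "app-server-role": ["s3:*", "ec2:Describe*", "iam:PassRole"],
    "deploy-user": ["s3:PutObject", "s3:GetObject", "lambda:UpdateFunctionCode"],
    "legacy-admin": ["*"],  # provisioned years ago, nobody remembers why
}
OBSERVED = [  # (identity, action, event time) as an audit log would record it
    ("app-server-role", "s3:GetObject", "2020-02-10T08:00:00Z"),
    ("app-server-role", "s3:GetObject", "2020-02-11T09:30:00Z"),
    ("app-server-role", "ec2:DescribeInstances", "2020-02-11T09:31:00Z"),
    ("deploy-user", "s3:PutObject", "2020-02-12T17:45:00Z"),
    ("deploy-user", "lambda:UpdateFunctionCode", "2020-02-12T17:46:00Z"),
    ("deploy-user", "s3:GetObject", "2019-06-01T12:00:00Z"),  # outside window
]
NOW = datetime(2020, 2, 14, tzinfo=timezone.utc)  # fixed "now" for the sample


@dataclass
class Review:
    identity: str
    used: set           # concrete actions seen inside the look-back window
    unused: list        # granted patterns never exercised in the window
    overbroad: dict     # wildcard grant -> the few concrete actions it covered
    uncovered: set      # actions seen that no current grant explains
    creep_index: float  # share of grants that are unused or over-broad, 0..1
    recommended: list   # least-privilege action list derived from usage


def _parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def _is_wildcard(pattern):
    return "*" in pattern or "?" in pattern


def review_identity(identity, grants, events, now=NOW, window_days=90):
    """Compare what one identity may do with what it did in the last N days."""
    cutoff = now - timedelta(days=window_days)
    used = {a for i, a, t in events if i == identity and _parse_ts(t) >= cutoff}
    unused, overbroad, recommended, covered = [], {}, set(), set()
    for g in grants:
        matched = {a for a in used if fnmatchcase(a, g)}
        covered |= matched
        if not matched:
            unused.append(g)                # grant exists, never exercised
        elif _is_wildcard(g):
            overbroad[g] = sorted(matched)  # wildcard used only for these
            recommended |= matched          # replace it with the concrete list
        else:
            recommended.add(g)              # exact grant, in use: keep as-is
    flagged = len(unused) + len(overbroad)
    creep = flagged / len(grants) if grants else 0.0
    return Review(identity, used, unused, overbroad, used - covered,
                  creep, sorted(recommended))


def review_all(granted, observed, now=NOW, window_days=90):
    """Run the review for every identity; re-run on a schedule, not once."""
    return {i: review_identity(i, g, observed, now, window_days)
            for i, g in granted.items()}


if __name__ == "__main__":
    for r in review_all(GRANTED, OBSERVED).values():
        print(f"{r.identity}: creep index {r.creep_index:.2f}")
        print(f"  unused grants : {r.unused}")
        print(f"  over-broad    : {r.overbroad}")
        print(f"  recommended   : {r.recommended}")
```

Two caveats a practitioner would apply before acting on the output. First, an action absent from a 90-day window may still be legitimate (a quarterly job, a break-glass path), so the result is a recommendation to review and confirm, not an automatic revocation; the stale `s3:GetObject` event for `deploy-user` shows how the window length alone changes the verdict. Second, this pass right-sizes actions only; scoping each action to specific resources is a separate step, and an `s3:GetObject` grant on every bucket is still more than most workloads need.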
“As the cloud is infrastructure for everything, everyone wants to go with the prevention first approach. For them to do a prevention-first approach, managing permissions is key,” stated Parimi.
He also outlined how the CloudKnox platform is designed to make managing permissions flexible with minimal friction, so that an individual can quickly be granted temporary access to a particular resource and have it removed again afterwards.
It is only relatively recently that organizations have begun to fully appreciate the dangers of unused, high-risk privileges, with incidents such as Capital One's highlighting how they can exacerbate the damage caused by a cyber-attack. A system that continuously tracks which privileges are granted and which are actually used must be at the center of any approach to removing the unnecessary risk posed by excessive permissions.
Parimi concluded: “If you look at most misconfigurations, close to 90% are caused by accidents, whether lack of training or something else. So it’s quite simple to prevent those kinds of accidents if you implement this policy.”