Put Passwords in the Right Hands Using Role-Based Access Controls
Are your company’s passwords on a need-to-know basis? How easy would it be for a low-level employee, a recent hire, or a trainee to gain administrative control of one of your critical systems or those of your clients? If it’s a simple matter of loading up a spreadsheet and navigating to the right line, then your company’s password management practices could use some improvement.
In a previous post on this blog, I discussed the three must-haves of a password management system: access control, auditing, and change management. Let’s take a closer look at access control.
Different roles for different folks
If you’re in the IT business, it’s likely your company and its team members work with a number of different clients, each with a different set of passwords required to access their networks, devices, applications, shared online accounts, etc. So it makes sense that you would want to store all those different passwords in a centralized location so that you can retrieve them easily when you have to. But not every member of your team works on every account, and so, not every team member needs access to the credentials required to work on every account. In addition to that, different employees have different levels of authority—different levels of trust granted to them by those in authority at your company.
To account for these differences, what I recommend is role-based access to credential information and, in fact, role-based access to the functions of the password management system itself (the ability to create and change credentials).
How do password role-based access controls work?
In a role-based system, roles are defined according to factors like authority within your organization, accounts worked on, level of training received, and anything else that might differentiate what one employee needs to know from another. Roles are then assigned password access permissions, which can include the ability to view, change, add, or remove credentials, or no standing access at all, so that the employee must request and receive approval before doing anything.
For example, in a role-based password management system, a junior technician who needs a reminder of the password to access the wireless router for one of your clients can log into the password management system and get that information. But, when that same technician attempts to access a router password for a client he doesn’t service, he will be blocked. That’s because that access hasn’t been assigned to his role. At the same time, a manager who oversees technicians who are assigned to both accounts can access, and if appropriate, change the credential information for both routers.
If that’s not clear, think of it this way: On your office computers or those of your clients, you probably assign each new user to a general account, rather than granting administrative privileges. This prevents users from installing software or making changes that are potentially harmful to the rest of the network. The same should be true for your password management system. Give people an inch and they’ll take a mile. Give employees access to passwords they don’t need and, eventually, someone will misuse that access and make unauthorized changes that could jeopardize your company’s security and your standing with your clients.
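The technician-and-manager scenario above, as an added example that is not part of the original post: a deny-by-default check in which users are assigned roles, roles are granted actions per client, and every lookup is recorded for the audit trail. The user, role, client and credential names are constructed for illustration.

```python
# Added example (not from the original post): minimal role-based access check
# for a password vault. All names and secrets below are constructed samples.
from dataclasses import dataclass

ACTIONS = {"view", "change", "add", "remove"}

@dataclass(frozen=True)
class Credential:
    cred_id: str
    client: str
    secret: str

@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str

# Users are assigned roles; roles, not users, carry the permissions.
USER_ROLES = {"alice": {"junior_tech"}, "bob": {"manager"}}

# role -> client -> actions permitted on that client's credentials.
# Anything not listed here is denied.
ROLE_GRANTS = {
    "junior_tech": {"acme": {"view"}},
    "manager": {"acme": {"view", "change"}, "globex": {"view", "change"}},
}

VAULT = {
    "acme-wifi": Credential("acme-wifi", "acme", "constructed-secret-1"),
    "globex-wifi": Credential("globex-wifi", "globex", "constructed-secret-2"),
}

AUDIT_LOG = []  # (user, action, cred_id, allowed) tuples

def authorize(user: str, action: str, cred_id: str) -> Decision:
    """Allow only if some role of the user grants `action` on the credential's client."""
    if action not in ACTIONS:
        raise ValueError(f"unknown action {action!r}")
    cred = VAULT.get(cred_id)
    if cred is None:
        return Decision(False, "no such credential")
    for role in USER_ROLES.get(user, ()):
        if action in ROLE_GRANTS.get(role, {}).get(cred.client, ()):
            return Decision(True, f"granted via role {role!r}")
    return Decision(False, "no role grants this action; request approval")

def fetch_secret(user: str, cred_id: str) -> str:
    """Return the secret only after an allowed 'view' decision; log every attempt."""
    decision = authorize(user, "view", cred_id)
    AUDIT_LOG.append((user, "view", cred_id, decision.allowed))
    if not decision.allowed:
        raise PermissionError(decision.reason)
    return VAULT[cred_id].secret
```

Denied attempts land in the audit log alongside successful ones, which is what lets a manager spot an employee probing credentials outside their role.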