Car thieves would rarely steal a 2001 Corolla.
But a brand new Range Rover? That’ll get their attention.
There’s a greater payoff for the thief’s risk. That risk-reward relationship is similar to how hackers value different types of accounts. Information from any garden-variety account can be sold on the Internet or used to wreak havoc.
High privilege accounts are particularly valuable to hackers because, as the name implies, they have power over most or all aspects of a system.
What Are High Privilege Accounts?
Broadly speaking, high privilege access accounts are user accounts that can alter system infrastructure. This type of access is mostly limited to high-level IT professionals within an organization, like the Head of Network Security, CISO, and similar roles. They need this access to make large changes to an entire system, sometimes in response to a cybersecurity risk, but often just for general maintenance.
There are a few types of these accounts. Domain accounts give users access to multiple servers, workstations, and even other users’ accounts. Local accounts offer access to one server or workstation, and their main use is for system maintenance. As the name would imply, application accounts give users access to applications.
Those accounts all allow those high privilege users to make the system safer for everyone. They allow users to solve problems with greater ease and implement sweeping changes so that workflow isn’t interrupted.
What’s the Problem?
Besides the risk of hackers gaining access, high privilege access users can intentionally leak massive amounts of information. Some may choose to sell it, while others may choose to leak it for ethical reasons. For example, Edward Snowden was able to release as much information as he did (“thousands” of documents, though he downloaded more than 1.5 million) because he had high privilege access.
Snowden is an outlier, but he captures the very real risk that comes with high privilege access accounts. If a user with that much access has any motivation to torpedo an organization, they could do so without many obstacles.
That’s because the actions of those types of users also aren’t subject to much oversight. They’re able to claim that any nefarious actions were just a mistake, allowing their actions to go undetected for a long time.
What to Do?
Implementing oversight for these types of accounts isn’t impossible. The problem is that it’s difficult to imagine how to implement that type of oversight. There’s the question of where the oversight would end and how much would be appropriate. Implementing it could end up looking like a snake eating its own tail.
A more reasonable option is to be more stringent about who has a high privilege account, and to ensure that these users are properly authenticated. Since login credentials can be stolen, the key to authentication is for the user to present something that demonstrates beyond a doubt that they are who they say they are. This wouldn’t just keep credentials from being stolen. It would also create a stronger culture of accountability because it would be clear exactly who undertook a certain action and when.
Biometrics are an elegant solution to the issue of authentication for high privilege access users. Since they’re being used by consumers for daily transactions already, such as purchasing apps, there’s little to hold organizations back from implementing them more widely. Plus, there’s built-in legal non-repudiation with biometric authentication, meaning that users are responsible for their actions because biometrics can accurately verify their identity. “High privilege” doesn’t have to be a synonym for “high risk” with biometrics.