By Zach DeMeyer Posted February 10, 2020
In the enterprise, the ability to instantly terminate Mac®, Windows®, & Linux® user access can mean the difference between smooth sailing and a security breach at the hands of a disgruntled employee. Unfortunately, without cross-OS system management tools, IT departments may not be swift enough to prevent an attack before it’s too late.
Why Time is of the Essence with System Access
There are several occasions where IT needs to revoke a user’s system access, but the principle reason is offboarding.
Negative Effects of Improper Offboarding
Deprovisioning a user is typically innocuous. An employee leaves the company on good terms with no malicious intent. They turn in their laptop and the IT department can take their time to remove the user from all of their resources. In a situation where an employee disagrees with their departure from a company, however, they may lash out destructively before they leave.
For example, a terminated IT employee at an online university used lingering admin access on his workstation to change the school’s G Suite™ login information. In doing so, he locked all users — students and staff alike — out of their accounts, and then held the credentials ransom for $200k. It was only after a long legal battle that the ex-employee released the over 2,000 G Suite accounts he held hostage.
This is just one example of the many times a security breach has occurred due to nonchalant, unautomated offboarding. Of course, offboarding isn’t the only reason an IT admin may need to instantly terminate a user’s system access.
An Inside(r) Job
Of the 41,686 security incidents analyzed in Verizon’s 2019 Data Breach Investigation Report, 34% of them were determined to involve inside actors. This number has steadily been on the rise since 2014. Although it’s hard to determine the exact causes behind these insider incidents, it’s safe to assume that the perpetrators used their workstation as a part of their attack.
Many IT departments have security tooling in place that can help them suss out a potential bad (Read more…)