By Zach DeMeyer Posted February 10, 2020
In the enterprise, the ability to instantly terminate Mac®, Windows®, & Linux® user access can mean the difference between smooth sailing and a security breach at the hands of a disgruntled employee. Unfortunately, without cross-OS system management tools, IT departments may not be swift enough to prevent an attack before it’s too late.
Why Time is of the Essence with System Access
There are several occasions where IT needs to revoke a user’s system access, but the principle reason is offboarding.
Negative Effects of Improper Offboarding
Deprovisioning a user is typically innocuous. An employee leaves the company on good terms with no malicious intent. They turn in their laptop and the IT department can take their time to remove the user from all of their resources. In a situation where an employee disagrees with their departure from a company, however, they may lash out destructively before they leave.
For example, a terminated IT employee at an online university used lingering admin access on his workstation to change the school’s G Suite™ login information. In doing so, he locked all users — students and staff alike — out of their accounts, and then held the credentials ransom for $200k. It was only after a long legal battle that the ex-employee released the over 2,000 G Suite accounts he held hostage.
This is just one example of the many times a security breach has occurred due to nonchalant, unautomated offboarding. Of course, offboarding isn’t the only reason an IT admin may need to instantly terminate a user’s system access.
An Inside(r) Job
Of the 41,686 security incidents analyzed in Verizon’s 2019 Data Breach Investigation Report, 34% of them were determined to involve inside actors. This number has steadily been on the rise since 2014. Although it’s hard to determine the exact causes behind these insider incidents, it’s safe to assume that the perpetrators used their workstation as a part of their attack.
Many IT departments have security tooling in place that can help them suss out a potential bad actor within their organization. Unless an IT admin can remove the suspected user’s system access immediately, though, the insider can still carry out their nefarious deeds.
Instantly Terminate User Access Across Operating Systems
It’s apparent that time is of the essence when it comes to removing system access, but the tricky part is finding a way to effectively do so. Many IT organizations are deeply entrenched in Microsoft® Active Directory® (AD), utilizing it as their source of system management. While AD is very effective for Windows system management, it struggles with managing Mac and Linux systems. Using AD to terminate access to the two operating systems is a struggle as well.
Modern IT organizations need a system management tool to control all aspects of a user’s system lifecycle, from first boot to last access, regardless of its OS.
Cloud System Management
A cloud directory service reimagines Active Directory for the modern era, connecting users to virtually all of their IT resources with a single set of credentials. That includes Mac, Windows, and Linux systems, as well as applications, networks, infrastructure, file servers, and more — regardless of protocol, platform, provider, or location.
With a cloud directory service, IT admins can choose to suspend a user’s account or remove them from their access group instantly. Doing so denies them access to their system(s) and other resources, whether for offboarding or any other reason. It’s important to note that, when suspended or removed from a group, a user account remains active; it’s inaccessible by the user until the IT admin reinstates access or deletes the user’s account entirely.
Beyond instantly terminating access, organizations can leverage a cloud directory service to track system activities and sniff out a potential vulnerability before it becomes an issue. When it comes to identity and access management, a cloud directory service will Make Work Happen® for IT admins and end users alike.
Contact us if you are interested in a cloud directory service. We’d be happy to point you towards the right solution for you.