In most organizations, which files an employee needs in order to do their job follows a natural hierarchy. For example, most employees don't need access to HR or Accounting records, while Sales and Client Services are probably the only departments that need access to client information. Being too open-handed with access, on the other hand, invites abuse and widens the damage a single compromised account can do.
As you’re going through the process of setting up your employees’ access to information, there are a few things to consider:
- Does everyone in a particular department need access to the same information?
- What is the least amount of access someone should have to do their job efficiently?
- Is there any data that absolutely no one except for one or two people needs access to?
- Conversely, is there data that everyone in the company should be able to freely locate and review?
The answers to these questions are important because they'll inform your policies and procedures. It's recommended that organizations implement the Principle of Least Privilege (PoLP); when you do, questions two and three are the ones that matter most.
In many organizations access to data is granted on a “who doesn’t need to know what” basis. This means that everyone has access to nearly everything, except for the highly sensitive HR and Accounting files. Similarly, since the HR and Accounting teams need access to personnel files - and those are the only files that are restricted - people in those departments might have access to every piece of data, even if they really don’t need it. It’s also not uncommon for members of the IT team to have “admin” rights and therefore have access to a large chunk of company data that has nothing to do with their job.
What Is a Principle of Least Privilege (PoLP)?
The best and most secure way to structure your access hierarchy, however, is to start from the bottom and work your way up. The PoLP dictates that users should have access to as few resources as possible while allowing them to efficiently do their jobs. This doesn’t mean that they should have access to next to nothing and have to request access to every file, but it could mean being savvy about how your files are structured and possibly re-organizing some information.
Let’s go back to our example of the HR team. Although HR does need access to sensitive employee information and - in some cases, accounting information (to run payroll based on commissions, perhaps) - they’ll almost never need access to client and sales information.
Therefore, you can create a file structure where HR and Accounting intersect without sharing everything: for instance, a payroll folder readable only by the HR and Accounting staff who actually run payroll, rather than giving one department's group blanket access to the other's files. In other words, you allow the HR team access to only the files they need, and where possible restrict individual members of the team to the subset of those files their own duties require. This is important for a number of reasons:
- It protects your data internally. We aren't saying your own team is going to sabotage you, but having fewer people able to read or change a given set of files reduces the chance of accidental deletion or misplacement (and narrows the list of people to check when it happens).
- It protects your data from external threats. If an HR team member's account is compromised, the attacker inherits only that account's access, not the whole file share. (Encrypting sensitive data at rest protects it if a laptop or backup is stolen, but it does not protect against a compromised account that is authorized to read it; limiting who holds that authorization is what contains the damage.)
It's also important to consider the role of IT in these situations. As mentioned, IT team members often have admin or superuser rights and therefore have access to all company data. This makes them prime targets for phishing and credential theft. The most secure way to set up their access is to limit the rights of individual team members and create two accounts for each of them: a regular account for email, browsing and day-to-day work, and a separate superuser account used only when elevated rights are needed. Because the superuser account is never used for email or web browsing, a phishing message that compromises the everyday account does not hand the attacker admin rights, and the comparatively rare admin logons stand out in your logs instead of being buried in routine activity.
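The two ideas above, a payroll folder where HR and Accounting intersect without sharing everything, and a separate admin account for each IT staff member, can both be checked mechanically once you write the access model down. The following is an added example, not code from the original article or from any MSP tooling: it models a small directory with nested groups and folder ACLs, compares each user's effective access against what their role needs (the role-to-folder "needs" table is an assumption for illustration), and flags everyday accounts that hold admin rights directly. All group, folder and user names are constructed sample data.

```python
"""Least-privilege entitlement review over a constructed access model.

Added example for illustration; the groups, folders, users and the
ROLE_NEEDS table are constructed assumptions, not real directory data.
"""
from typing import Dict, List, Set, Tuple

# Constructed: group -> members. A member may be a user or another group.
GROUPS: Dict[str, Set[str]] = {
    "hr": {"alice", "bob", "payroll"},       # payroll nested into hr ...
    "accounting": {"carol", "payroll"},      # ... and into accounting (over-grants)
    "payroll": {"dave"},
    "sales": {"erin"},
    "client-services": {"frank"},
    "it": {"grace", "heidi"},
    "domain-admins": {"grace-adm", "bob"},   # bob: everyday account holding admin rights
}

# Constructed: folder -> groups allowed to read it.
FOLDER_ACLS: Dict[str, Set[str]] = {
    "/HR/Personnel": {"hr"},
    "/Accounting/Ledger": {"accounting"},
    "/Payroll": {"payroll"},
    "/Clients": {"sales", "client-services"},
    "/Sales/Pipeline": {"sales"},
    "/Shared/Policies": {"hr", "accounting", "payroll", "sales", "client-services", "it"},
}

# Assumption: what each job role genuinely needs to do its work.
ROLE_NEEDS: Dict[str, Set[str]] = {
    "hr": {"/HR/Personnel", "/Shared/Policies"},
    "accounting": {"/Accounting/Ledger", "/Shared/Policies"},
    "payroll": {"/Payroll", "/HR/Personnel", "/Shared/Policies"},
    "sales": {"/Sales/Pipeline", "/Clients", "/Shared/Policies"},
    "client-services": {"/Clients", "/Shared/Policies"},
    "it": {"/Shared/Policies"},
}
USER_ROLE: Dict[str, str] = {
    "alice": "hr", "bob": "hr", "carol": "accounting", "dave": "payroll",
    "erin": "sales", "frank": "client-services", "grace": "it", "heidi": "it",
}
ADMIN_GROUP = "domain-admins"
ADMIN_SUFFIX = "-adm"   # assumed naming convention for separate admin accounts


def expand_group(group: str, groups: Dict[str, Set[str]] = GROUPS,
                 seen: Set[str] = None) -> Set[str]:
    """Return every user reachable through nested membership (cycle-safe)."""
    seen = set() if seen is None else seen
    if group in seen:
        return set()
    seen.add(group)
    users: Set[str] = set()
    for member in groups.get(group, set()):
        if member in groups:
            users |= expand_group(member, groups, seen)
        else:
            users.add(member)
    return users


def effective_access(user: str) -> Set[str]:
    """Folders the user can read via any ACL group; admins can read everything."""
    if user in expand_group(ADMIN_GROUP):
        return set(FOLDER_ACLS)
    return {folder for folder, acl_groups in FOLDER_ACLS.items()
            if any(user in expand_group(g) for g in acl_groups)}


def review(user: str) -> Tuple[List[str], List[str]]:
    """Return (excess, missing): access beyond the role's needs, and needs not met."""
    needed = ROLE_NEEDS[USER_ROLE[user]]
    have = effective_access(user)
    return sorted(have - needed), sorted(needed - have)


def everyday_admins() -> List[str]:
    """Accounts in the admin group that are not dedicated -adm accounts."""
    return sorted(u for u in expand_group(ADMIN_GROUP) if not u.endswith(ADMIN_SUFFIX))


if __name__ == "__main__":
    for u in USER_ROLE:
        excess, missing = review(u)
        if excess or missing:
            print(f"{u:6} role={USER_ROLE[u]:15} excess={excess} missing={missing}")
    print("everyday accounts with admin rights:", everyday_admins())
```

Running it reports two findings: dave can read the whole Accounting ledger only because the payroll group was nested into accounting as a shortcut (the fix is to grant /Payroll to the payroll group directly, as the ACL already does, and remove the nesting), and bob's everyday account is in the admin group, so a phish of bob yields every folder. The same comparison of effective access against role needs is what an entitlement review does at scale, whatever directory or file server you run.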
One more thing. When you're implementing a PoLP, make sure you aren't making it overly arduous for anyone to get their job done. If someone in Client Services needs access to Sales data and has to constantly request access to files, you'll create a logjam of work not only for the Client Services team but also for the IT team that has to grant and revoke access on an as-needed basis. PoLP should never be a barrier to the user. With forethought and planning during the implementation phase, it is a convenient, transparent layer of protection for your data.
Remember, create a system that grants users access to all of the information they need and none of the information they don’t.
Working with a Managed Service Provider (MSP) is an excellent way to get your IT and data under control and secure. To learn more about what it’s like to work with an MSP, download our eBook What to Expect When You’re Expecting IT.