How many employees within your MSP require full unrestricted access to the entire business network to perform their daily duties?
The answer to that question is most probably very few or none, and yet many businesses still hand over the keys to the kingdom to new employees as part of the onboarding process.
Granting network access this indiscriminately is pretty reckless and only makes your organization more vulnerable to cyberattacks and internal data breaches.
The solution? Implement the Principle of Least Privilege.
What is the Principle of Least Privilege?
The Principle of Least Privilege, or POLP, is the practice of limiting access rights for users to the bare minimum permissions they need to perform their work. In other words: if you don’t need it, you don’t need access to it.
To implement POLP policies, you’ll need to make zero access the default for all employees and then begin granting it as necessary.
Eventually, every employee within your organization should have access to only the accounts and services they truly need to do their jobs, and these privileges can later be updated as they move to new positions or exit the company.
The risks of unrestricted privilegeAt its core, POLP is a precautionary measure designed to minimize any potential damage to the network in case of a cyberattack or data breach.
Suppose one of your employees has access to the entire network, and that employee falls for a phishing attack, unknowingly revealing their credentials to a hacker. Instead of gaining access to just the handful of corporate accounts that employee uses day-to-day, they’d instead have access to the whole network, and be in a position to compromise everything.
Another example: suppose one of your employees decides to go rogue and leak some confidential information. If all they have access to are a handful of accounts they need to do their job, they may not even have access to that type of information to begin with. But if they've been given access to the entire network, there’s no telling what kind of damage they'd be able to do.
How to implement the Principle of Least Privilege
All you need to do is control who knows certain passwords and who doesn’t, which sounds virtually impossible, unless you use Myki for MSPs to manage your MSP's passwords.
Once you import all your passwords and invite your team members to join, you’ll be able to quickly and easily share those passwords with the appropriate users, based on the appropriate level of access they require.
When a new employee joins your MSP, you can just grant them access to the passwords they need, and when an employee leaves, all you need to do is revoke that access. It's as simple as that.
Sign up for Myki for MSPs today and take control of your digital identity.