There hasn’t been a whole lot of travel going on due to the restrictions and lockdowns in place amidst the Covid-19 pandemic, but while you won’t be getting to pack the usual critical items into your suitcase (toothbrush, socks, razor – you know the drill), you can still pack the essentials into your business network.
In fact, several governments across the globe have now said you must pack your network with these essentials, outlining mandatory security measures that organisations need to have in place to ensure – for want of a better phrase – a smooth trip.
Pre-Flight Checklist – For the Network
Denmark, the United Kingdom and Australia have all set out minimum cyber security requirements that government and other agencies should meet in order to ensure a common, high level of security:
- Denmark – Minimum Technical Requirements
- UK – Cyber Essentials
- UK – MCSS: Minimum Cyber Security Standard
- Australia – Strategies to Mitigate Cyber Security Incidents
All are broken up into similar categories relating to clients, malware protection, access management, and responding to threats, among others, and within each of these categories are various security measures to ensure adequate cyber security.
Some of these standards are mandatory: The Danish Minimum Technical Requirements. Many requirements within this scheme became compulsory as of January 1st this year, while the deadline for several others is fast approaching on July 1st, 2020.
Others are simply recommended by the government as the standards that should be met – or ideally, exceeded – in order to establish and maintain a safe IT system.
In the UK, the government-backed Cyber Essentials scheme enables organisations to gain one of two badges which identify them as having a high-level of security and protection from cyber threats.
The UK’s MCSS along with the Australian Strategies to Mitigate Cyber Security Incidents are in place to help government departments and other organisations prepare for, respond to, and recover from cyber attacks.
Landing on Common Ground
Just as every travel suitcase contains the same essential items: deodorant, a good book and a cosy pair of pyjamas (okay, so the book and PJs aren’t 100% essential, but they will make your life a whole lot better), all of the schemes described above identify more or less the same minimum requirements and agree that these standards set the benchmark for cyber security.
Several of these technical requirements take more of the spotlight than others, being heavily mentioned across all four standards.
Such is the case for the following three:
- Managing Administrator Privileges
- Malware Protection
- Logging Activity
These practices are frequently emphasised as being an essential and integral part of a safe IT system.
See the table below for excerpts from each government scheme that refer to these three common essentials:
A summary of the points made in the table is as follows:
Managing Administrator Privileges
– Organisations should implement POLP – The Principle of Least Privilege: users should only be granted the bare minimum privileges necessary to perform their function.
– Organisations should implement JIT – Just-in-Time elevation of privileges: users should only be granted administrator privileges when and where they need it, rather than having long-term access.
– Users should have to prove their need to use administrator rights before they are authorised to do so.
– Users that do need administrator privileges should be controlled and managed.
– More than one anti-malware solution should be implemented on all clients.
– Sandboxing environments should be used wherever possible.
– Whitelisting solutions should be used wherever possible.
– Anti-malware solutions should use a variety of prevention and detection techniques and should be updated regularly.
– Logging should be used on all systems within the network.
– Logging should be able to detect any attack attempting to gain unauthorised access or control.
– Logging should capture activity such as approved or denied events, file access and network activity.
How to Pack Efficiently and Effectively
Admin By Request is a Privileged Access Management (PAM) solution that packs all three of these essentials into one clean, compact, easy-to-carry (or deploy, in this case) bag.
Here’s a checklist of everything you get with Admin By Request to enable you to more easily meet the minimum cyber security requirements:
|Admin By Request|
|Admin Rights||POLP – The Principle of Least Privilege||Admin By Request allows you to revokes admin rights and choose who gets what access, based on the needs of different users and groups of users. Access can range from very strict to lenient, depending on your settings and sub-settings with the software’s user portal.|
|JIT – Just-in-Time Elevation||Admin By Request implements Just-in-Time access, with the options to:Run as Administrator – The user does not have privileged credentials, but they are able to request and run an application with administrative permissions, andRequest a Full Session elevation, which gives a user administrative privileges on their device for a set amount of time. When the time is up, so is the user’s ability to run processes as administrator.|
|Proof of Need||Admin By Request requires the user to provide a reason when they want to either Run as Administrator, have a Full Session elevation or gain admin access via Admin By Request’s fourth elevation method: a one-time-use PIN provided directly by an IT admin.|
|Control and Management||Once deployed, Admin By Request allows for the management of thousands of end users with a friendly online user interface within the software’s user portal, which contains easily-to-manipulate global and sub-settings and other management tools (described further on). As well as requiring Proof of Need, you can also configure settings to require explicit approval before the user can gain administrator access.|
|Malware Protection||MultipleAnti-malware Solutions||Admin By Request has integrated Opswat’s MetaDefender Cloud which uses over 30 anti-malware engines to prevent and detect cyber security threats. The malware detection rate of the MetaDefender Cloud is 99.02%.|
|Sandboxing Environment||Admin By Request guarantees secure software installs by supporting a sandbox environment. When users try to install software, Admin By Request intercepts the process and installs the software under a full audit trial, ensuring it is safe before any damage can be done or changes can be made to the machine.|
|Whitelisting||Pre-approval, Admin By Request’s whitelist solution, allows you to enable users to run commonly-used applications that you know are safe without needing to gain full local administrator rights to their system. This ensures productivity isn’t hampered and your users stay happy.|
|Up-to-Date Anti-malware That Uses a Range of Techniques||Opswat keeps its partners informed with the latest updates, meaning you’ll stay safe with up-to-date anti-malware software. The MetaDefender Cloud uses a variety of techniques to detect and prevent malware, including signature-matching, heuristics and machine learning technology.|
|Activity Logging||Learning Mode||Admin By Request allows you to enable Learning Mode when you first deploy the software on your system. Users still operate the same way they always have, but everything they run as administrator is logged in the Learning Mode Collection. This enables you to monitor activity and easily whitelist the necessary applications so that productivity isn’t hampered when it comes time to revoke admin privileges.|
|Auditlog||Every time a user requests administrator rights using one of the elevation methods, the activity that takes place during these processes and sessions is logged in the auditlog of the user portal. This allows you to monitor activity and detect any potential foul play, such as an attempt at privilege escalation.|
|Real-time Requests||User requests for admin access are sent in real-time to the Admin By Request user portal to be viewed and either approved or denied (if you have Require Approval set to on).|
|Mobile Application||As well as a web interface, Admin By Request provides a mobile app which allows you to view the auditlog and view / approve / deny requests for admin access from any location.|
There is a long list of critical items that are necessary for the smooth sailing of your business, but Admin By Request can help you gear up by packing a huge chunk of these essential requirements into one compact bag.
And to boot: any time you can show customers that you have these essential security measures in place within your organisation, they will be reassured and much more keen to embark on the journey with you – even if it is a virtual journey.