Automated Access Management in critical Infrastructures

Sustainably reduce the attack vector on file servers in critical infrastructures through continuous monitoring & autocorrect of permissions.

Cases such as “Locky” or “WannaCry” make it clear what damage potential emanates from data encryption by ransomware. The damage would be particularly high in companies classified as Critical Infrastructure (CRITIS). For this reason, the IT security law makes it mandatory for them to implement organizational and technical protection measures based on an assessment of the threat situation.

In addition to defending against dangers, such as infections by Trojans, the focus should therefore also be on reducing the potential extent of damage. An important component for the operation of file servers and ensuring the integrity of the data stored on them is the strict adherence to and enforcement of the need-to-know principle according to BSI basic protection. Restricting a person’s access permissions to the necessary directories enables a controllable permission situation as well as reducing the attack vector usable by malware. A restriction of the access permission to the smallest possible group of people is possible on the level of different operating or directory systems by technical measures. Even if these systems often reach their limits, for example due to complex structures, available tools enable an analysis and adjustment of the permission situation by creating reports or graphic representations. Changes in the file systems are identified and clearly presented to the IT administration or helpdesk. An audit-proof documentation of these permission changes is usually associated with a high effort.

Control through continuous monitoring

This is where the BAYOOSOFT Access Manager comes in with its complete automation of access management. By continuously monitoring the existing permission structure in the Active Directory and the file system, unintentional or intentionally induced manual changes in access permissions are a thing of the past.

The regular comparison of the actual permission situation with the target status recognizes these accesses as unauthorized and resets the permissions via autocorrection to the status defined by the data owners and audited by the system. Data managers and IT administrators receive an e-mail or at the push of a button a clear report of the deviations found and can therefore analyze potential sources of danger.

In addition to this essential approach of keeping permissions permanently at a controlled and audit-proof level, the Access Manager also achieves a significant reduction in the manual effort of IT administrators through its automation. This is particularly important in heavily regulated areas and critical infrastructures in order to achieve considerable work and cost savings and therefore have time to focus more on protecting against further infections, for example. This is achieved by shifting the daily business of changing permissions to data managers in the departments. Thanks to the intuitive user interface, end users can independently submit requests for access permission in the Self-Service Portal and the responsible persons can approve them with just a few clicks, either from the mail or directly in the system. This transparent process allows questions about the permission situation to be answered without the support of IT administration: Who has access to which data or what can an employee access? Thus, even after years, it is still possible to completely determine which user could have made which changes at which time – an important starting point for the analysis of internal and external attempted attacks.

Transparency for network separation

A further means of reducing the potential for damage in critical infrastructures lies in a technical separation of the networks up to the zero-trust approach. A consistent encapsulation of individual production environments of e.g. classic office IT networks that have been evaluated as critical offers a further option to close potential gates for targeted manipulation or disruptions. In order not having to operate the entire IT network according to the standards for critical infrastructures, the separation of the networks provides an approach to cost-efficiently increase the protection level by reducing the attack vector.

If you come to the conclusion that a network separation is appropriate from a risk perspective, you are faced with the challenge of obtaining transparency about the existing permission situation. It is not uncommon for employees to be given multiple user accounts in various networks. To establish a company-wide reference of access permissions to a specific person is only possible by means of a time-consuming manual combination of analyses from the different networks.

To meet this challenge, the Access Manager provides a global view of the permission situation. By using one instance of the AM in each of the various separate sub-areas, the permissions remain permanently at the desired level. In addition, all information from monitoring and audit can be reported within the company to a central reporting instance. By merging Active Directory users into one natural person, the authorization situation can be tracked across departments and the actual permissions per employee can be clearly displayed with information on the time of permission and possible expiration date.

If there is an additional requirement to exchange data between critical sub-areas and e.g. office IT environments in a controlled manner in order to enable users to work in both environments as efficiently as possible and as accustomed to them, the Access Manager supports the synchronization of permissions. As a result, only one request is required for the necessary access permission to the same data in two file systems. This enables a smooth and understandable process of the permission request for the employees and reduces waiting times.

Conclusion

The IT Security Act obliges companies in the field of critical infrastructures to check their systems with regard to security and availability and to take measures for their protection. The use of the BAYOOSOFT Access Manager is a proven means to reduce the usable attack vector on file servers by restricting access permissions. Continuous monitoring of the permissions and the autocorrect of permission do not allow manual changes behind the system anymore. Compliance with the defined authorization situation is therefore guaranteed at all times and documented in an audit-proof manner with all permission changes.

Even if critical networks and office IT environments are completely separated for risk reasons, the Access Manager makes it possible to maintain a company-wide overview of the permission situation. By replicating the permissions, comprehensive access structures can be mapped so that users can access the required systems as usual. At the same time, this ensures a high level of protection.

Would you like to learn more about the advantages of automated access management?

Make an appointment today for an individual product presentation or visit one of our regular webinars. Our access management experts will be happy to introduce the BAYOOSOFT Access Manager to you personally: