
Let’s take the example of Alice, an ACME subcontractor who needs access to the company’s computer system to perform maintenance on some of its key servers. Where is the user trying to access from? Is the user authorized to work during this timeframe, and how long will the user need access? What exactly is the user trying to do with his/her access? The purpose of Just-In-Time security is to automatically assign the privileges a user needs on the fly and address the 3 main access factors: location, time, and actions.

Just-In-Time (JIT) security policies help companies to:

- Facilitate security without impacting productivity.
- Enable secure remote access to sensitive assets.
- Manage human and machine privileged users.
- Streamline & automate privilege escalation processes.
- Eliminate excessive privileges and enact the Zero Standing Privileges policy.
- Improve their overall cybersecurity posture.

However, JIT will not only protect your accounts thanks to the time factor but also mitigate attack vectors that use techniques such as lateral movement, preventing malicious actors from advancing and elevating their privileges on the network. If this approach is applied to all accounts, risks will be reduced extremely quickly. Thanks to Just-In-Time, an always-on privileged account can very easily be reduced from a permanently active state to just a few minutes.

Microsoft’s 2021 vulnerabilities report states that elevation of privilege was the #1 vulnerability category, representing 44% of total vulnerabilities, a nearly twofold increase over 2020 (not to mention that removing administrative rights from endpoints would reduce all of Microsoft’s critical vulnerabilities by 56%!). Granting elevated privileges only when needed – no more and no less – restricts exposure to a minimum while still allowing users to get on with their work.
When too many users have too many privileges at all times, the chances of credential theft, exploitation, and escalation to steal secrets, encrypt data, or bring systems to a halt increase exponentially.

JIT grants users, processes, applications, and systems specific rights and access to perform certain tasks for a predefined period of time.

As a policy, Just-in-Time security aims to minimize the risk of standing privileges to limit risk and exposure to potential cyberattacks. Just-in-Time (JIT) access security is a fundamental practice that helps reduce excessive access privileges and is a key tool in implementing the Principle of Least Privilege and the Zero Trust security model. Although there are several methods to implement it, the main objective of JIT is to control the time of use of the privilege – or possible misuse of it – and to reduce the attack surface (IoT, multi-cloud environment, DevOps use, robotic process automation, etc.).

As Gartner points out, by 2025, 75% of cyber insurance companies will require the use of the JIT principle when implementing Privileged Access Management (PAM)… so get ready as soon as possible with PAM4ALL!

Why Just-In-Time?

Reducing the risks associated with the abuse of privileged access, or even eliminating privileges altogether (Zero Standing Privilege – ZSP), is the very principle of Just-In-Time (JIT). It is therefore essential to reduce and control the footprint of privileged access in the environment by controlling its scope (which authorizations are granted and where these authorizations are applicable) and duration (when the authorization is granted and for how long). The digital transformation of companies and the need for remote access to information systems mean that the type and number of privileged users (administrators, business managers, suppliers, etc.) are constantly increasing.
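The three access factors from the Alice scenario (location, time, actions) and the scope-and-duration control described above, sketched as an added example that is not from the original article or from any PAM product: a broker issues a short-lived grant only when all three checks pass, and nothing is authorized without a live grant. The policy values, host name, and function names are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Policy:
    user: str
    target: str
    networks: tuple      # where: allowed source networks
    window: tuple        # when: (start_hour, end_hour) in UTC
    actions: frozenset   # what: actions that may be requested
    max_ttl: timedelta   # how long a single grant may live

@dataclass(frozen=True)
class Grant:
    user: str
    target: str
    action: str
    expires_at: datetime

# Constructed policy: Alice, a subcontractor, maintains one server (hypothetical names).
POLICIES = [Policy("alice", "srv-db-01", ("203.0.113.0/24",), (8, 18),
                   frozenset({"restart-service", "read-logs"}),
                   timedelta(minutes=30))]

def request_access(user, target, action, source_ip, now, ttl):
    """Return a time-boxed Grant, or None. No matching policy means no privilege."""
    hour = now.astimezone(timezone.utc).hour  # 'now' must be timezone-aware
    for p in POLICIES:
        if (p.user, p.target) != (user, target):
            continue
        in_net = any(ip_address(source_ip) in ip_network(n) for n in p.networks)
        in_window = p.window[0] <= hour < p.window[1]
        if in_net and in_window and action in p.actions:
            # Scope is one action on one target; duration is capped by policy.
            return Grant(user, target, action, now + min(ttl, p.max_ttl))
    return None

def is_authorized(grant, user, target, action, now):
    """Use-time check: the grant must match the exact request and still be live."""
    return (grant is not None
            and (grant.user, grant.target, grant.action) == (user, target, action)
            and now < grant.expires_at)
```

Because the grant carries its own expiry and is rechecked at use time, no revocation step is needed to return Alice to zero standing privileges.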
