privilege creep
What is privilege creep?
Privilege creep is the gradual accumulation of access rights beyond what an individual needs to do their current job. In IT, a privilege is a defined right that a particular end user (or the account acting on their behalf) has to a particular system resource, such as a file folder or virtual machine (VM).
What causes privilege creep?
Privilege creep often occurs when an employee changes job responsibilities within an organization and is granted the privileges of the new role. While employees may need to retain their former privileges during a period of transition, those privileges are rarely revoked once the transition ends, so each move adds to an unnecessary accumulation of access rights.
Why is privilege creep a problem?
Privilege creep, which is a common problem in organizations of all sizes, creates a two-fold security risk. First, an employee with excess privileges may be tempted to use those privileges inappropriately. Second, if an intruder gains access to an end user's account -- and that end user has excess privileges -- the intruder inherits those excess privileges, so the damage a compromised account can do grows with every right that was never revoked. Either scenario poses a risk that could result in data loss or theft.
The security risks caused by privilege misalignment are so great that the FBI and Department of Homeland Security have issued a public service announcement about it. It warns that an increase in insider threats from disgruntled and/or former employees can be traced to privilege creep, that is, to authorized access to sensitive information and networks that was never withdrawn when the need for it ended.
How can privilege creep be addressed?
Privilege creep can be minimized by enforcing the principle of least privilege (POLP): limiting permissions to the minimal level employees need to perform their current job and removing rights that a change of role has made unnecessary.
Privilege creep can also be minimized by conducting periodic access rights reviews. This is a process in which system owners and managers confirm each employee's need for specific roles and rights, and discover and revoke excess privileges. An identity and access management (IAM) system can facilitate a user access review and provide administrators with the ability to view and change access rights.
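The following script is an added example, not part of the original article or of any particular IAM product. It shows the core of an access rights review in code: compare what each user actually holds against a least-privilege baseline for their current role, flag the excess, and turn the findings into a revocation list. The role names, entitlement strings and user records are constructed sample data; the baseline dictionary stands in for whatever an organization defines as the minimal rights per role. It also illustrates the job-change case described above: a user who moved from accounts payable to a sales-engineering role and kept the finance grants.

```python
"""Access rights review: flag grants that exceed the user's current role.

Constructed example data only. ROLE_BASELINE is an assumed least-privilege
mapping of role -> required entitlements; USER_GRANTS is an assumed snapshot
of what users actually hold (e.g. exported from an IAM system or directory).
"""
from dataclasses import dataclass, field

# Assumed least-privilege baseline: the entitlements each role needs, nothing more.
ROLE_BASELINE = {
    "accounts-payable": {"erp:invoice:read", "erp:invoice:approve", "share:finance:rw"},
    "sales-engineer": {"crm:opportunity:rw", "demo-lab:vm:start"},
    "helpdesk": {"ad:password-reset", "ticketing:agent"},
}

# Constructed snapshot of current grants. 'role' is the user's current job role.
USER_GRANTS = [
    # alice moved from accounts-payable to sales-engineer; the old grants were never revoked.
    {"user": "alice", "role": "sales-engineer",
     "grants": {"crm:opportunity:rw", "demo-lab:vm:start",
                "erp:invoice:read", "erp:invoice:approve", "share:finance:rw"}},
    # bob received a one-off elevated grant for an incident and still holds it.
    {"user": "bob", "role": "helpdesk",
     "grants": {"ad:password-reset", "ticketing:agent", "ad:domain-admin"}},
    # carol matches her baseline exactly.
    {"user": "carol", "role": "accounts-payable",
     "grants": {"erp:invoice:read", "erp:invoice:approve", "share:finance:rw"}},
    # dave's role is not in the baseline at all, so nothing he holds can be justified by it.
    {"user": "dave", "role": "contractor-legacy",
     "grants": {"share:finance:rw"}},
]


@dataclass
class ReviewFinding:
    user: str
    role: str
    excess: set            # granted but not required by the current role
    missing: set           # required by the role but not granted (under-provisioning)
    unknown_role: bool     # role has no baseline; every grant is unjustified
    retained_from: list = field(default_factory=list)  # former roles that explain the excess


def review_access(grants, baseline):
    """Compare each user's grants with the baseline for their current role."""
    findings = []
    for entry in grants:
        role = entry["role"]
        held = set(entry["grants"])
        unknown = role not in baseline
        needed = set() if unknown else baseline[role]
        excess = held - needed
        missing = needed - held
        # Attribute the excess to any other role whose full baseline is contained in it:
        # a strong hint that the rights were carried over from a previous job.
        retained = sorted(r for r, ents in baseline.items()
                          if r != role and ents and ents <= excess)
        findings.append(ReviewFinding(entry["user"], role, excess, missing, unknown, retained))
    return findings


def revocation_plan(findings):
    """Flatten findings into (user, entitlement) pairs to revoke, in a stable order."""
    return sorted((f.user, ent) for f in findings for ent in f.excess)


if __name__ == "__main__":
    results = review_access(USER_GRANTS, ROLE_BASELINE)
    for f in results:
        if f.unknown_role:
            print(f"{f.user}: role '{f.role}' has no baseline; review all {len(f.excess)} grants")
        elif f.excess:
            origin = f" (matches former role: {', '.join(f.retained_from)})" if f.retained_from else ""
            print(f"{f.user}: excess {sorted(f.excess)}{origin}")
        else:
            print(f"{f.user}: no excess")
        if f.missing:
            print(f"  note: {f.user} is missing required grants {sorted(f.missing)}")
    print("Revoke:", revocation_plan(results))
```

The `retained_from` hint is what makes the review actionable: a reviewer sees not just that alice has three finance entitlements she does not need, but that they are exactly the accounts-payable baseline, which points straight at the unfinished role transition. In practice the snapshot would be pulled from the IAM system and the revocation list fed back into it; the comparison logic stays the same.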