Last week I had a great discussion with a Snowflake database administrator (DBA). They were in the middle of refactoring their role-based access control framework which had become unwieldy because of the many bespoke roles created to fulfil individual data access requests.
Unfortunately, they’re not alone. As data teams are increasingly moving their analytical workflows to the public cloud, they encounter the growing issue of over-privileged users. To put things in perspective, a recent study by Microsoft found that only 1% of permissions granted are actually used. Knowing that 85% of data breaches result from (unintentional) employee actions, it is imperative that we implement a least privileged access management strategy that protects our data and prevents it from becoming a liability. To ensure that our cloud migration adheres to this principle, data teams design roles in their new cloud datastore to reflect how the business uses data for insights as much as possible. This way they hope to limit access to what is absolutely needed for the business to do their job, balancing people, processes and data.
However, as time passes the role-based access control (RBAC) system that was once organized becomes increasingly disorganized due to the numerous data access requests that are an inevitable part of doing business:
You can imagine how such requests eventually make your roles unwieldy.
Moreover, Microsoft’s study also found that over 40% of users have admin rights, which makes a lot of sense. When an access request comes in, it is often far easier for the DBA to grant admin rights instead of spending time identifying the precise roles that grant access to the requested data. Furthermore, as we all have busy schedules, it is quite common for us to overlook revoking the temporary permissions, and if the individual who requested such access is smart enough, they won’t remind the DBA about it. I specifically remember getting admin rights to a data source to perform a certain task during one of my previous jobs, and the DBA forgetting to revoke access. The admin credentials had the same pull on me as the Ring had on Frodo, but unlike Frodo, I kept the ring.
This brings me to the various reasons to have time-bound access management.
First and foremost, it helps avoid the accumulation of excessive privileges. Instead of giving a data worker permanent access to the data they need to complete a task or work on a project, that person should only get temporary access for the time period needed to get the job done. Second, it helps keep your RBAC simple. The role explosion that comes from creating new roles to respond to data access requests makes it much harder to understand, and therefore manage those roles. Roles should reflect the business processes as much as possible, and any deviations should be temporary. Finally, it helps maintain the transparency needed to properly assess and easily remediate the risk of your unauthorized access.
The challenge of managing time-bound data access is intricately linked to the scale of the organization. It becomes notably difficult when an organization has large amounts of data, various data sources, divergent technologies for managing permissions, and numerous data consumers. In that case, you’ll need a helping hand.
That’s why we are super excited to announce Raito’s Time Bound Access Management, which together with the Implementation Proposal and Policy Recommender will help you reduce the risk of over privileged users! This makes it easier for data workers to get access to the data they need in a faster and safer way.
With Raito’s time bound access management you can put a curfew on data access requests.
Raito allows users to request, or approve access for a restricted duration, after which access is automatically revoked. This approach is ideal for temporary access while upholding the principles of least privilege access management.
Limit excessive privileges when granting access
Raito suggests the most suitable method for providing access to the requested data objects while preventing excessive privileges to those data objects that are not in scope of the access request.
Raito’s Policy Recommender detects over privileged users and unused privileges
Our recommendation page provides actionable insights for identifying and mitigating risks associated with over privileged users and unused privileges. You can easily identify potential security vulnerabilities and take proactive steps to reduce risk.
If Raito would have existed back when, the younger me wouldn’t have had excessive privileges to sensitive data, and believe me when I say I was up to no good!
Want to see how Raito scales data access management? Book a demo!