Are you sure that all of the users on your system have the correct access privileges? Have you removed access rights for leavers?
According to the IBM Cyber Security Intelligence Index, 55% of security attacks originate from data thieves with access rights.
It is good practice for an organisation to manage the access privileges that users have to an Information and Communications Technologies (ICT), the information it holds and the services it provides. All users of ICT systems should only be provided with the privileges that they need to do their job. This principle is often referred to as ‘Least Privilege’. A failure to manage user privileges appropriately may result in an increase in the number of deliberate and accidental attacks.
Italik can help you to:
- Review and pro-actively manage user access rights in Active Directory
- Report on groups and nested group memberships
- Remove redundant users and groups
- Implement policy based user access control and authentication
- Assess user profiles and posture
- Provide user request and data owner authorisation