Versions Compared

Old Version 1

changes.mady.by.user David Doret

Saved on

compared with

New Version 2

changes.mady.by.user David Doret

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Page Properties

ID

OM-BP-0002

Name

Leverage Data Lineage to Identify Unauthorized Access

Status

Status
colourGreen
titleActive

Version

1.0

Best Practice

Use Leverage fine-grained data lineage on critical data to identify unauthorized access points.

Rationale

By definition, a user account or principal may perform operations on systems and operations constitute an inherent risk.

A user account requires oversight during its lifecycle. For instance:

  • its password may need to be reset,

  • it must be deactivated or deleted when no longer needed,

  • someone must be available to answer questions regarding it,

  • someone must have authority to take decisions regarding it.

Hence, clear ownership must be assigned on user accounts.

Inactive Accounts

It would be wrong to consider that inactive accounts do not need an owner.

For instance, there are undeletable native accounts that are deactivated to reduce the attack surface of the operating system. Break-the-glass procedures make it possible to reactivate the native account to execute an authorized operation. Such accounts obviously need an owner.

Also, when an account is deactivated as part of the leaver process, the original account owner is no longer here to speak for that account. Would the organization need to reactivate the account for administrative or technical reasons (e.g. to regain access to a particular resource), we would need an account owner as well.

Bad Practices

  • Accounts with no owner

  • Accounts with 2 or more owners

Implementation Details

...

Issue an account management policy including:

  • clear description of exhaustive account categories

  • description of how ownership is assigned and maintained for all account categories

  • description of the rules for ownership over inactive accounts

  • requirement for all employees to report non-compliant accounts with clear communication channels

...

Assure you have record systems to maintain information on account owners

...

Manage exceptions with a structured process

...

fine-grained data lineage on critical data elements provide visibility on how the sensitive data flows throughout the organization from capture or origination to consumption via transformations.

This map reveals the access points on sensitive data. Hence, the IAM function should collaborate with the Data Office function to leverage this valuable information and integrate it into the access rights management process to mitigate the risk of unauthorized access.

Bad Practices

  • No coordination between the Data Office and IAM functions

  • No visibility in how sensitive data flows throughout the organization

Implementation Details

  • Liaise with the Data Office function to coordinate data lineage efforts

  • Re-use data lineage to gain a holistic view of sensitive data access points

  • Leverage data lineage to mitigate the risk of unauthorized access to sensitive data

Quotes

AC-2 ACCOUNT MANAGEMENT

Control: The organization:

(…) b. Assigns account managers for information system accounts; (…)

(NIST, 2013, p. F-7)

See Also