“How do I prevent an administrator from seeing my organization’s sensitive files?” This question was posted to one of Microsoft’s community forums earlier this week. As expected, the responses basically drew the conclusion that if an admin was determined enough then there wasn’t a lot that could be done. Also, if you found yourself in that situation you should instead be looking at your employee hiring process rather than looking for a technical solution. This response has been the standard for many years when it comes to over-privileged admins – and not just for SharePoint but across other systems too. However, is this still an acceptable answer? And is it still true today or could more be done?
Of course, before I delve into details, I should also point out that this isn’t just about protecting your sensitive data. It is also about protecting your other valuable asset – your people. In this case your admins. (Or if you are an admin, a little bit of self-preservation). Not allowing admins to see certain data is not just about keeping things secret, it should also be about reducing the exposure risk for the admins themselves. If data is leaked, they will have enough on their plate without adding them to the list of possible culprits responsible for the leak.
More than just a precaution, it’s a real issue
I can think of two recent real-life examples where the issue of curtailing the access over-privileged admins applied. A SharePoint admin told me that they had been asked to check the permissions on a file that contained details of an impending round of lay-offs from the company. The admin accidentally saw part of the file during this process. Luckily for them their own name was not on the list, but what caught their eye was that their friend’s name was. HR and Managers are paid to carry the burden of information like this, IT administrators are not.
Similarly, a customer of ours wanted to ensure that only certain people could access the documents of their Board of Directors. They were not satisfied with the usual practice of relying on permissions, separation of duties for administrators and auditing to monitor for anyone attempting to grant themselves access to the files. Due to the nature of the files and the increasing responsibilities for data privacy that exist today they felt the “standard” approach to over-privileged admins was not good enough.
It’s time to do better
Frankly, it shouldn’t be good enough for any organization. The technology exists to effectively eliminate this problem and protect both the sensitive data and your people. The stakes in the current climate are just to high to accept a strategy that is full of holes and caveats. And the excuse of this being a matter of trust in your employees is a little naive. Unfortunately, there are sometimes abuses of trust, but remember that trust goes both ways. Organizations have a responsibility to uphold the trust that their employees place in them to provide reasonable protection for when things go wrong.
Watch the overview video to see how Nucleus Cyber’s NC Protect dynamically adjusts access and protection – based on real-time comparison of file content and user context – to prevent unauthorized users and admins from seeing information that’s not meant for them.
