IT might live at the bleeding edge of innovation, but one of the fundamentals of modern IT security is still rooted in the early 1970s: the Principle of Least Privilege. When it was first introduced, the idea was that, to prevent breaches, every user should be given the minimal level of access to their organization’s IT infrastructure necessary to do their jobs. No more, no less. And, in theory, it made sense – limit the number of people who can reach your most sensitive data, and you limit your exposure to a breach.
But the Principle of Least Privilege was born at a time when the first floppy disks and microprocessors were barely off the assembly line. IT today is a far different universe, and the original interpretation of Least Privilege brings problems for today’s enterprises.
For one, it is based on a fundamental mistrust of your employees; it paints each of the people working with you as a potential security risk. Least Privilege also raises barriers at a time when the enterprise is seeking greater flexibility in development. It can be difficult to react, pivot and scale when a team’s security privileges are based on the bare minimum required to do their job at any given point in time.
But what if the central pillar of the Principle of Least Privilege – minimizing your exposure to a breach by reducing your access footprint – were turned around to face the outside world, rather than cast internally?
It’s possible. The enterprise can close off its most sensitive workloads from the outside world, while maintaining free and open access internally, by turning away from the public internet and moving to an interconnection model. Moving cloud, SaaS platform and vendor connections from the public internet to an on-demand, private and secure network of direct connections can instantly cast the Principle of Least Privilege onto any would-be attacker – rather than your own employees – and still minimize the exposure to a breach.
Like many legacy components of enterprise IT, the Principle of Least Privilege has its uses, but it needs to be adapted if it is to be fit for purpose in today’s security landscape. Interconnections can enable this paradigm shift, allowing enterprises to secure their infrastructure from the possibilities of attack or service disruption, without restricting their teams to the bare minimum of their functionalities.
Console is an interconnection platform building digital ecosystems between enterprises and business-critical partners – including SaaS, cloud service, data center and network service providers – who can directly connect at the click of a button. Our digital ecosystem of interconnections spans more than 170 POPs in 20 countries around the world.