Published: 28/01/2020
By: Charlie Pulfer

Three Steps to Achieving Zero Trust Security by Eliminating Elevated Privileges

Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to their systems before granting access.

Zero Trust must go further than identifying the person. If the fundamental tenet is that we should not trust, then we must try to avoid assigning any privileged credentials. Elevated privileges are keys to the kingdom, and as such must be restricted.

What is Privileged Task Management (PTM)?

PTM is a business-centric approach to systems management that was created to solve the problem of zero trust security and data privacy. PTM removes all native access to systems and data. Instead, users perform operations via automated Tasks.

Privileged Task Management Involves Three Steps

  1. Build automated tasks for operations that normally require elevated privileges. To begin, these would be things like password changes, adding users, and deprovisioning users. Tasks are programmed, repeatable, and controlled; no trust is required.
  2. Delegate the automated task to roles or individuals within the organization, whether that is an admin, helpdesk or business user. Note that we do not assign any privileges, only the ability to run the task. A user can perform only the operation allowed within the task.
  3. Audit all tasks. Record all system actions. When a Task is executed, an audit record is captured that properly tells the story of the business task being performed: the who, what, where, and when of the operation.

Implementing these three steps will eliminate the need to use elevated credentials and will meet the requirements of Zero Trust Security.
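The three steps above can be sketched as a small task broker. This is an added example, not Cloudbridge code: the names `TASKS`, `DELEGATIONS`, `run_task` and `reset_password`, the in-memory directory, and the sample callers are all hypothetical and constructed for illustration. It also records denied and failed attempts, not just successful runs.

```python
import re
from datetime import datetime, timezone

AUDIT = []  # in-memory for this sketch; assume real records are shipped off-host

def reset_password(directory, username):
    # The only privileged change this task is able to make.
    directory[username]["must_change_password"] = True
    return f"password reset flagged for {username}"

# Step 1: a task is a fixed operation plus strict parameter validation.
TASKS = {
    "reset-password": {"run": reset_password,
                       "params": {"username": re.compile(r"[a-z][a-z0-9.]{1,31}")}},
}

# Step 2: roles are granted tasks, never credentials or privileges.
DELEGATIONS = {"helpdesk": {"reset-password"}}

def run_task(caller, role, source, task_name, directory, **params):
    record = {"who": caller, "what": task_name, "where": source,
              "when": datetime.now(timezone.utc).isoformat(),
              "params": params, "outcome": "denied"}
    try:
        if task_name not in DELEGATIONS.get(role, set()):
            raise PermissionError(f"{role} is not delegated {task_name}")
        task = TASKS[task_name]
        if set(params) != set(task["params"]):
            raise ValueError("unexpected or missing parameters")
        for name, pattern in task["params"].items():
            if not isinstance(params[name], str) or not pattern.fullmatch(params[name]):
                raise ValueError(f"invalid value for {name}")
        record["outcome"] = "failed"  # checks passed; the operation may still fail
        result = task["run"](directory, **params)
        record["outcome"] = "success"
        return result
    except Exception as exc:
        record["error"] = f"{type(exc).__name__}: {exc}"
        raise
    finally:
        AUDIT.append(record)  # Step 3: every attempt is recorded, including denials
```

Because parameters are matched against a per-task pattern before the operation runs, a delegated user cannot turn the task into a general-purpose privileged proxy.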

Tasks, the Heart of PTM

At the heart of PTM is a modeled Task. PTM makes it simple for an organization to model complex tasks. In just a few hours, an organization's first Tasks become operational with the following benefits:

  • Tasks are modeled once and used repeatedly
  • Tasks encompass business process knowledge
  • Tasks remove dependence on people
  • Human error is eliminated
  • Task audit records tell the true story of who, what, where and when
  • Eliminate complex log assembly and diagnosis for operational awareness
  • Capable of complex, multi-system operations and incorporating approvals
  • Reduce organizational burden

Cloudbridge PTM

Cloudbridge is the undisputed leader in the PTM space. Cloudbridge makes it simple to implement zero trust security via PTM. The Cloudbridge platform includes hundreds of already-modeled Tasks for managing users, groups, mailboxes, mailflow, and more. Cloudbridge makes it extremely simple to model Tasks using familiar PowerShell and then provides instant Web Portals. Access to Web Portals can be delegated to roles or individuals in the organization.

For more information go to https://cloudbridgeplatform.com/products/
