Finding the Right Balance Between Access and Security

Michael Vizard

A lot of the trouble with IT security these days comes down to the simple fact that no one is sure who has the right to access what within the IT environment. The end result is that a lot more users than anyone realizes have privileged user rights to access elements of the system that they shouldn't. And invariably, it's only a matter of time before either they or someone else compromises a system, taking advantage of some privilege that somebody should not have had in the first place.

To help deal with an issue that has gotten out of hand inside many IT organizations, Viewfinity recently released a free tool that IT organizations can use to discover user accounts that have local administrator rights. From there, it's a simple matter of coming up with a list of the people who have access to those applications and how many of them really need privileged user rights.


From there, Viewfinity then recommends using its Privilege Management 3.6 offering to more granularly manage access rights. According to Viewfinity President Gil Rapaport, a big part of the IT security problem today is the all-or-nothing way access rights are managed. Privilege Management 3.6 gives IT organizations a way to more granularly manage privileges without having to give every user access to, say, kernel-level drivers.

In the realm of security an ounce of prevention is always worth a pound of cure. Given that many security threats, especially insider ones, take advantage of some human error related to access rights, having a set of policies in place that are flexible enough to allow people to get their work done without having to give away the keys to the digital kingdom would seem to be a rational approach to balancing security versus productivity.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.