
Secure Against Those You Trust Most

By Destination Z posted Mon December 23, 2019 03:24 PM


“Don’t you trust me?”

For many of us, these words form part of a negative scenario which we’ve either observed or been subjected to in our personal lives. And yet many of us have, at one point or another, said something similar to the people responsible for giving us access to computer systems at work.

After all, having to wait for a bureaucratic bottleneck created by limited access to key systems can grind progress to a halt. And when that access is a regular barrier to getting your job done, it only seems reasonable to get the access for yourself and trim hours or days off of the time to completion for key tasks.

Feeling Valued 

Once you have the access, it could be easier to remove one of your teeth than to get you to give it back. Not only does it make your job run more smoothly, but it makes you feel valued and trusted. And if other people know you have it: prestige! Maybe even a source of free drinks.

Your work friends come to you to get results instead of going through their designated bureaucratic path, and you make their lives easier by giving them instant results. And, when you go out for drinks after work, they make sure you know you’re appreciated.

Then, when you no longer require this access as your job responsibilities change, but your work friends still need it, why volunteer to have it taken away?

Pressure from Upper Management

That’s one scenario. Here’s another: a new payroll application is being installed, and you’re the systems person assigned to ensure everything is in place and functioning properly. But it turns out, there are a lot of security permissions associated with it due to the sensitivity of the data, and so you keep running into roadblocks that delay implementation further and further as you wait for the overworked security people to give you the latest access that you hadn’t realized was necessary.

In frustration, you email the security section head and your own management and ask for temporary authorization to give the security permissions yourself so you can finish the project before it gets any further overdue. After careful deliberations and serious warnings about the importance of tracking, documenting and being able to justify everything carefully, they agree to give you the authorization, giving in to the pressure from upper management to finish the project quickly.

Everything Goes Sideways 

One last scenario, following on from the first two: Everything goes sideways. Accounts get mysteriously out of balance. Electronic approvals are given that lead to public disclosure of confidential materials by someone whose position should not have allowed them access. Checks are mysteriously sent to a name and address that don’t belong to a known or trusted recipient. And changes are made that cause key applications to stop functioning for days until everything is repaired, leading to headlines in major newspapers, losses in stock value and resignations of key members of the board and executive.

Blamestorming time has begun.

A Downward Spiral

At this point, three things need to happen:

1. Repair the affected systems and data

2. Repair the organization’s reputation

3. Establish credible assignment of blame with commensurate consequences

You see where I’m going with this? It will take years to identify and prove the culprit(s) in court, but there needs to be an expedient finding of guilt now, to allow the organization to recover while it can. So the search is on for everyone who could have been responsible. Who had the access necessary to do the deeds? Did their job officially require that access? Was there appropriate auditing and separation of duties to ensure that no action could be taken without a second disinterested party being aware?

And that’s when they discover you. You’ve been giving people more access than your job role officially allows for years, and you’ve benefited personally from it. Or, you have access to make sensitive changes that aren’t subject to constant scrutiny and approvals. It doesn’t matter that others trusted you enough to give you security perks. It matters that potentially guilty parties must be found, and you’ll do.

One fine day, you suddenly find your office possessions in a box. Your access has been removed and security walks you out of the building and advises you to contact a lawyer.

Ten years later, it may be proven that you didn’t do anything wrong, but no one cares anymore at that point. And of course, your career probably never recovered.

If you’re as valuable as you thought, and if those who gave you too much access believed you to be, then you also left a gaping hole in your organization, taking valuable skills and knowledge with you, not to mention demoralizing all the coworkers who remained.

Protect Key Personnel 

This is why we have things like separation of duties—a requirement that no one person have complete unexamined access to a critical system. Rather, there should always be at least two parties watching each other to ensure they’re both honest—not because they aren’t, but rather to save everyone’s butts if things do go wrong by being able to prove that they’re honest, and couldn’t have gotten away with secret acts of dishonesty anyway.

In other words, protect your best people by not forcing them to be primary suspects if you get hacked. Instead of taking offense to the requirement that their security access be limited, take a fence and protect your key personnel, so they’ll still be there to help pick up the pieces if things do go wrong.