The NSA Leak and Two-Person Control for Sys-Admins


by Ben Campbell

The Director of the NSA testified before the House Intelligence Committee concerning Edward Snowden’s high-profile intelligence leaks. In his remarks, Gen. Keith Alexander, who is also the Commander of the US Cyber Command, noted that there are approximately 1,000 NSA System Administrators (many of which are contractors) with similar privileged account access to what Snowden had. When asked how he could stop the next Snowden-like data breach, Gen. Alexander responded, “This is a huge problem. We’re coming up with a two-person rule to make sure we have a way of blocking people from taking information.”

According to insiders, the NSA currently has processes by which staffers grant permissions to contractors and other third parties for accessing privileged data. However these “two-person” processes are rarely implemented due to inefficiencies and other complications with onboarding and scaling to ever-increasing workloads. Prominent IT Security leaders have made public comments about these difficulties, with descriptions ranging from “cumbersome to implement” and “impractical” to “slows routine tasks” and “harder for systems administrators to do their jobs.” In addition, members of Congress have gone on record decrying the use of contractors in positions where access to classified or sensitive data is common.

The problem is not about the employment status of specific individuals. It’s about the unfettered access that privileged users have. Processes like the “two-person rule” are an integral part of Cyber-Ark’s Privileged Identity Management (PIM) Suite. Cyber-Ark’s “two-person rule” feature is called Dual Control and is a need-based workflow that functions as a “two-person” approvals and verification system for privileged access to data. Dual Control enables authorized users the ability to request access to sensitive data or systems, which is instantly relayed to data owners, empowering them to approve or deny access based on specific requests. The benefits of the built-in Dual Control workflow are many:

  1. Transparency when accessing sensitive data – know unequivocally who, when, where, why and how privileged accounts are accessed.
  2. Complete end-to-end audit trails – name a specific individual for every login, even when they are using generic or shared account credentials.
  3. Seamless approvals process – effortlessly grant data owners and managers strict control and oversight into the access of privileged account data.
  4. Easy to implement and maintain – quickly add Dual Control approvers whether one or many are required without developing a burdensome, manual process.
  5. Fast and efficient provisioning/de-provisioning – add or remove privileged access for specific users or sets of users on the fly as needs and requirements change.

The scope of the problem highlighted by Gen. Alexander is something every business faces – and is only the tip of the iceberg. Businesses can have thousands of people in the IT layer with privileged access – automating the management and control of these accounts is critical to preventing data leaks in your organization.

Leave a Reply

Your email address will not be published. Required fields are marked *

You must be logged in to post a comment.