Organizations are realizing that guarding their network perimeter, with Firewalls and VPNs, does not provide adequate security in today’s threat environment. Credential theft, accidental data exposure, insider threats; the need for identity and device authentication within the network must be coupled with the Principle of Least Privilege to harden our networks.
The good news, if we focus on that side of the coin, is that there are some simple processes still available to most organizations; low-complexity methods of removing some prominent attack surfaces. Performing regular review and removal of access for built-in and populous security principles is one of these opportunities.
Well-known Security Principals like Everyone, Domain Users, and Authenticated Users are often inappropriately used to provide users with access to data within file shares; unthinkingly giving vast numbers of authenticated (and possibly unauthenticated) users access. Northern offers a standardized solution which very quickly reveals where these groups have access, the type of access they have, and how this access has been applied (explicit, inherited). Northern can take this further by revealing the type of information contained in the affected shares and folders, so called ‘toxic-combinations’. Armed with this information organizations can quickly prioritize and harden this all-too-often overlooked security weakness.