Zero Standing Privileges (ZSP) is a security principle that advocates removing all persistent privileges from users within an enterprise’s estate. In practice, Zero Standing Privileges is a progression from the concept of just-in-time (JIT) access. This control reduces risk by removing all of a user’s entitlements, so that the user cannot access the system until temporary access is authorized and granted.
Examples of JIT controls:
JIT group membership: adding a user to a user group temporarily for a configured period.
JIT creation of an account: creating an account with administrative access upon request for a period of time.
JIT enabling of administrative accounts: upon request, enabling a shared administrative account for a period of time.
How does Zero Standing Privileges extend this?
Zero Standing Privileges leverages the same concept of requiring users to obtain access as and when needed, but goes beyond a binary on-or-off view of the user’s access: it extends just-in-time access by applying the principle of least privilege to what is granted.
Although a user’s identity has zero entitlements aligned to it, including often-trivial ones such as basic read-only roles, the identity itself remains available on the target system. This is ideally achieved using federated identity. A persistent identity ensures accuracy in logging and improves any live monitoring of actions.
How does Zero Standing Privileges work?
The first action a user will take is to authenticate and request the temporary alignment of a role or series of entitlements. This role should be established using the principle of least privilege. Any request should be time-bound considering that longer time windows increase the exposure to risk.
This request, made up of the entitlements + the time it is needed, should then be processed. In a simple implementation of Zero Standing Privileges, this could be handled in a manual approval flow. But wherever possible, attempts should be made to automate this process.
Once an assigned approver grants approval, the system provisions the entitlements or role to the user’s federated identity.
The user then undertakes their planned work. As part of the connection process, the platform configures the relevant access for the defined period of time.
Upon completion of the work, the user either shuts the ZSP session off or allows the grant to expire. The ZSP system will enforce the removal of all the entitlements or roles requested.
The user is returned to the default state of zero permissions.
Why Is Zero Standing Privileges Important?
Adopting Zero Standing Privileges is crucial for an enterprise’s identity security program as workloads shift to more dynamic environments. In the cloud, security teams can no longer rely on traditional methods of securing these platforms, such as network perimeters. In many cases, identity becomes the most effective place to implement controls. Removing any standing privileges and then granting privileges in limited and considered amounts is one of the most effective ways to enhance these controls and massively reduce the risk of credential theft and lateral movement.
How Do You Implement Zero Standing Privileges?
Like other concepts, such as the principle of least privilege, ZSP is a journey. An organization needs to find a way to elevate access just-in-time, granting only the relevant entitlements for a limited period. This mechanism should be tightly integrated with ITSM or ChatOps tooling to accelerate approvals. Finally, continuous monitoring, logging, and auditing should be implemented to effectively detect and respond to any unauthorized access attempts or anomalies.