Most of us are familiar with the four eyes principle. Important business decisions require the signatures of two people, not one. You’ll struggle to find a legal document that doesn’t call for a countersignature. Even this blog post will be checked for errors before we hit the publish button.
However, in cyber security, applying the four eyes principle is a challenge. Keeping IT teams productive – and operations online – means allowing a certain level of autonomy. So we give individuals access to our privileged accounts with little or no day-to-day accountability.
Reducing your risk and keeping your privileged passwords protected means restoring that accountability. And the four eyes principle is, with the right technology, the perfect fit.
The importance of human security
Four eyes is essentially a principle that depends on people, not technology.
While technology can underpin your IT security in some areas, it’s important to remember the powerful role that people can play in improving your posture. They come with the advantage of experience, insight, and context that technology alone simply can’t provide.
Put it this way – your log files could tell you if an insider was acting outside your policies, but watching over a user’s shoulder is likely to be a more immediate and effective deterrent.
Unfortunately, implementing the four eyes principle isn’t that simple. With so many people using different administrative accounts – potentially at the same time and in different locations – a one-to-one level of accountability isn’t always possible.
That’s where the technology comes in. The right technology doesn’t replace the need for a human role in security – but it enables people to extend their reach and visibility across larger estates and a multitude of accounts.
Applying four eyes to Privileged Account Management
The essence of the four eyes principle is one of mutual accountability. Each individual is accountable to another, removing the risk of completely autonomous decisions, and increasing the likelihood that errors will be detected.
In Privileged Account Management, your goal is to allow administrative access wherever it is required, without losing your overall governance and visibility.
So, applying the four eyes principle, you can:
- Detect errors and unauthorised access by monitoring and recording sessions
- Mitigate the risk of an insider threat with increased visibility over how administrative credentials are being used
- Investigate alerts by accessing recorded sessions
- Require two independent passwords whenever your most sensitive recordings or reports need to be accessed
Using the principle in security and Privileged Account Management isn’t about using two people to authorise every single click, or needing management to give you permission to start an SSH session.
It’s just about increasing the number of people that can view user activity at any given moment, then using a more traditional four eyes approach when it is absolutely necessary.
Those occasions are typically dictated by regulations and compliance standards like GDPR, which increasingly call for sensitive reports and recordings to be accessed using the four eyes principle. If you’re using any Privileged Account Management software that stores and displays this data, dual control features are essential to meet your obligations.
Dual control, session monitoring and session recording in Thycotic Secret Server
Thycotic Secret Server puts all your privileged accounts in a secure, AES 256-bit encrypted vault where their usage can be tracked at every stage. As a result, you can ensure your policies are being enforced, detect unusual access, and spot the signs of a breach or insider threat faster.
Then, with the Session Monitoring add-on, start applying the four eyes principle. The add-on includes real-time session monitoring with the ability to terminate unauthorised sessions, session recording for video playback of sessions across Remote Desktop, SSH and custom applications, and keystroke logging for detailed auditing.
Secret Server also includes Dual Control as a standard feature for viewing any sensitive reports or recordings. Just assign approvers inside Secret Server; then, when an IT admin needs to access a sensitive report or recording, they can request permission and get the necessary approval. This is especially important for every EU company, as it is required for compliance with the EU General Data Protection Regulation (GDPR).
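To make the dual-control workflow above concrete (an admin requests access to a recording, a second person approves, and only then can the recording be opened), here is an added example of such a gate. It is illustrative code written for this post, not Thycotic's product code; the user-to-role table, the 15-minute approval lifetime, the single-use rule and the audit-log format are all assumptions. The point it demonstrates is that the second pair of eyes must be a different person with the approver role, and that every step leaves an audit entry.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set

# Constructed sample directory (assumption): users and their roles.
# "admin" users may request access; only "approver" users may approve.
USERS: Dict[str, Set[str]] = {
    "alice": {"approver"},
    "bob": {"admin"},
    "carol": {"admin", "approver"},
}


@dataclass
class AccessRequest:
    request_id: str
    requester: str
    resource: str          # e.g. a recorded session identifier
    created_at: float
    approved_by: Optional[str] = None
    approved_at: Optional[float] = None
    consumed: bool = False  # an approval opens the recording once


class DualControlGate:
    """Hypothetical two-person gate in front of sensitive recordings."""

    def __init__(self, users: Dict[str, Set[str]], approval_ttl: float = 900.0,
                 clock: Callable[[], float] = time.time) -> None:
        self.users = users
        self.approval_ttl = approval_ttl   # seconds an approval stays valid
        self.clock = clock                 # injectable for testing expiry
        self.requests: Dict[str, AccessRequest] = {}
        self.audit: List[dict] = []

    def _log(self, event: str, **fields) -> None:
        # Every decision, allowed or denied, is recorded for later review.
        self.audit.append({"ts": self.clock(), "event": event, **fields})

    def request_access(self, requester: str, resource: str) -> str:
        if "admin" not in self.users.get(requester, set()):
            self._log("request_denied", user=requester, resource=resource)
            raise PermissionError("admin role required to request access")
        rid = secrets.token_hex(8)
        self.requests[rid] = AccessRequest(rid, requester, resource, self.clock())
        self._log("request", user=requester, resource=resource, request_id=rid)
        return rid

    def approve(self, approver: str, rid: str) -> None:
        req = self.requests.get(rid)
        if req is None:
            raise PermissionError("unknown request")
        if "approver" not in self.users.get(approver, set()):
            self._log("approve_denied", user=approver, request_id=rid, reason="no approver role")
            raise PermissionError("approver role required")
        if approver == req.requester:
            # The whole point of four eyes: you cannot approve your own request.
            self._log("approve_denied", user=approver, request_id=rid, reason="self-approval")
            raise PermissionError("self-approval is not allowed")
        req.approved_by = approver
        req.approved_at = self.clock()
        self._log("approve", user=approver, request_id=rid)

    def open_recording(self, requester: str, rid: str) -> str:
        req = self.requests.get(rid)
        if req is None or req.requester != requester:
            raise PermissionError("no such request for this user")
        if req.approved_by is None:
            self._log("access_denied", user=requester, request_id=rid, reason="not approved")
            raise PermissionError("request has not been approved")
        if self.clock() - req.approved_at > self.approval_ttl:
            self._log("access_denied", user=requester, request_id=rid, reason="approval expired")
            raise PermissionError("approval has expired")
        if req.consumed:
            self._log("access_denied", user=requester, request_id=rid, reason="approval already used")
            raise PermissionError("approval already used")
        req.consumed = True
        self._log("access", user=requester, request_id=rid, approved_by=req.approved_by)
        # Placeholder for handing back the actual recording.
        return f"recording:{req.resource}"


if __name__ == "__main__":
    gate = DualControlGate(USERS)
    rid = gate.request_access("bob", "rdp-session-42")
    gate.approve("alice", rid)
    print(gate.open_recording("bob", rid))
    for entry in gate.audit:
        print(entry)
```

The approval lifetime and single-use rule stop an old approval from quietly becoming standing access, and the audit list is what an investigator would pull alongside the session recording itself.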