Compliance: Before hackers cut off the water supply
The scenario is cinematic: hackers could manipulate the water supply in major cities - with dramatic consequences. Today, every waterworks is a computer-controlled IT system and accordingly vulnerable to a targeted digital attack. The BSI Criticality Ordinance (BSI-KritisV) is a first draft by the Federal Office for Information Security (BSI) to provide protection and clarity.
8MAN is a leading solution for Access Rights Management (ARM) in Microsoft and virtual server environments, protecting organizations from unauthorized access.
"Compliance guidelines are vital here," warns Matthias Schulte-Huxel, CSO for the Berlin-based ARM system 8MAN. The BSI Criticality Ordinance (BSI-KritisV) is a first draft by the German Federal Office for Information Security (BSI) to create a regulation that clearly defines responsibilities. ARM - Access Rights Management - is an essential component for securing critical infrastructures:
"In addition to the enemy from the outside, internal access must also be controlled. Who has access to which systems, how can this be monitored - and what happens in the event of an attack," says Schulte-Huxel. The Berlin-based system already secures companies and their networks in a wide range of industries. At the push of a button, 8MAN analyzes the existing infrastructure and reveals the rights situation.
Access rights management
Unauthorized access to data is a dangerous source of incalculable risks. In the case of infrastructures whose function is directly linked to the state community, failures or impairments result in significant disruptions to public safety and health. Only an internal solution for access rights management can provide proof of who has had access and at what time.
Likewise, it can be proven that access was not possible. "Currently, the fact is that every employee in such an infrastructure has a set of electronic keys for an uncontrollable number of doors. He can use these to gain access to parts of the system that are not directly related to his task. And the fingerprint that is created when employees access data that they don't actually need has not yet been analyzed," says Matthias Schulte-Huxel of 8MAN, describing the situation.
At the push of a button, 8MAN makes it clear who has which authorizations in the company. This function extends to all digital systems and also includes backdoors such as group memberships. In this way, the so-called "need-to-know principle" not only protects the company, but also the individual employee if the worst comes to the worst.
Revision security with 8MAN
The authorizations can be changed just as easily, and every intervention is logged. Through simple user interfaces, specialist departments can also assign rights individually; a dual control principle and full logging secure the process. 8MAN already fulfils essential requirements of the General Data Protection Regulation (DS-GVO), which will also be binding for KritisV. "With 8MAN, unauthorized access to any IT infrastructure - critical or not - is impossible. Even if the highest-ranking person in the company grants himself all rights, copies all data or carries out manipulations and then deletes the authorizations again: 8MAN is a witness, manipulation of our solution is not possible," says 8MAN CSO Schulte-Huxel.