1

The role assignment is excellent feature over the various platforms (Google, GitHub, Facebook, etc. ). However, I've been thinking about a specific security "threat" which might arise from that.

Let's say, Nick is someone with my absolute confidence in him/her. I want to take him as an administrator of my important project (S/HE will work on the project only from the office workstation).

I've two choice:

1) Grant his user permission to the project directly (his account is secured with 2-step auth too).

or

2) Give the access to our primary account (which is secured with 2-step authorization and only I can grant him with one-time code during the first-login), from where it will access the project.

enter image description here

The reason that I don't fully like the first method, is that s/he has a total freedom of where to use his account, on mobile, laptop, PC, guest house or who knows, and as s/he is not a security expert (but a typical user that is helping me), of course there is chances, that one day his account might get hacked (viruses, bots, infected PC or whatever threats), so, my project will be under a risk too.

There are of course higher threats against giving access to main account, but the reason that main account will be used ONLY from office WorkStation (and only authorized by my given codes), I couldn't finally decide which method could be more secure in such cases...

T.Todua
  • 2,677
  • 4
  • 19
  • 28

3 Answers3

3

In a sensitive system, user accounts should never be shared. This is for liability, auditability, nonrepudiation, and compliance reasons. So giving out the main account is out of the question.

John Wu
  • 9,101
  • 1
  • 28
  • 39
2

Let's say, Nick is someone with my absolute confidence in him/her.

[...] s/he is not a security expert (but a typical user that is helping me), of course there is chances, that one day his account might get hacked (viruses, bots, infected PC or whatever threats) [...]

This is a bit contradictory in my opinion. Giving access to a main account to a non security-wise person is like shooting at your own feet

If you think that this person is more susceptible to be compromised (f.e. through phishing or by installing some malware) and you give him access to your main account nothing will be preventing that account from being hacked

On the other hand giving access to a different account ensures that you still have access to your main account in case you need to revoke his access

If you are worried about him/her getting access from non-authorized devices you should probably need to use a different setup/architecture to prevent this. For example, let the required service only be available on local network or through a VPN and limit the access to the VPN only to your authorized workstations using certificates

Also, note that sharing accounts with other people has other security consequences like lack of traceability on the operations. What if the main account is used for something bad? If the account is yours the responsibility is also yours

Mr. E
  • 1,954
  • 9
  • 18
  • Nice catch, thanks! Just i was thinking that as the main account will be tied to our office workstation, the account could have been more secured nevertheless his low-knowledge of security. – T.Todua Feb 04 '19 at 14:08
1

I never grant access to the main account. Such an account should be used for emergency situations only.

It's fine if trusted to grant an account with the same level of permissions, but never the original account.

One of the logical factors in this is the following: if the used account breaks, if you have the main account good you can recover the affected account. If you allow usage of the main account with highest privileges and it breaks, in many situations you can't do much about it.

I'd say it's certainly more secure to make another account and grant that account the required rights.

Overmind
  • 8,779
  • 3
  • 19
  • 28