Tim Bedard of ForgeRock warns about “entitlement creep,” in which federal employees accumulate security privileges and access rights they shouldn’t have as they move from one position to another. It is especially likely to happen during the large-scale transitions of a new presidential administration, if someone neglects to remove capabilities from a reassigned employee’s security profile. This undermines the point of granular as-needed security privileges, and creates the potential for breaches of security in the event an account is compromised or an employee becomes disgruntled. Bedard argues that a combination of more methodical security design and implementation, and the application of artificial intelligence can be useful in addressing the problem.
Source:
