Illusive Blog August 9, 2022

Put the Spreadsheets to Bed: The Pitfalls of Manual Security Management

By Jonathan Molina

The more things change, the more they stay the same. I have been working in IT since the year 2000 and I have seen how quickly technology has transformed the world around us. Systems and environments have become so much more complex since I started my career, but unfortunately, one thing that hasn’t changed is how security professionals manage certain tasks.

For example, when I first started working in IT, it was common to create and print a spreadsheet to check off each machine I managed one-by-one. How manual and time-consuming! It was difficult enough to secure an environment with this approach two decades ago, so it is considerably more challenging to rely on such a linear approach in these complex and ever-changing modern environments.

Yet this is the challenge that security professionals face today. When I talk to our customers, the first question I ask them is “what is your process to manage identity risks?” Far too often the response is something along the lines of “I use Excel to make sure that I am tracking…” or “I export a CSV from a platform we use.” It seems like all paths lead back to spreadsheets; this is a productivity tool, not a security solution. Stop the insanity!

Here are some of the common pitfalls I have observed from such a manual approach:

  1. Interminable Lists
    I have personally witnessed spreadsheets containing 1000s of machines. Sometimes these lists contain machines that don’t exist because they were previously decommissioned. On the other hand, new machines are rarely captured in these lists either. Some IT teams have systems to provide a list of “active” machines, but budget cuts result in lesser than needed licenses and an incomplete source of truth. If you only focus on “the crucial systems first” then you can never achieve comprehensive visibility.
  2. Conflicting Priorities
    When you work in IT, it is like you are the most popular kid in school because everyone wants you to help them (and then you get home from work and so do your friends and family). The process of manually reviewing a master spreadsheet is very time-consuming, so the constant requests for tech support can become a huge interruption. Projects, such as these manual reviews, are always in addition to regular IT responsibilities and there are many days where the regular work never stops. These distractions also introduce the risk of human error since something may be overlooked or forgotten while switching between tasks.
  3. Incomplete Reviews
    It is impossible to completely review a list with a manual approach. Even if you have the time, there will always be gaps. Or by the time you do complete it, there will be a new issue that requires a brand new review. Does this sound familiar? It is the challenge of trying to solve a multi-directional problem with a linear approach.

Continuous & Comprehensive Visibility

Fortunately, technology has been changing to enable a better approach to management. Machines speak their own language, which new solutions can understand far more quickly than you and me, and usually on an ongoing basis. Instead of these laborious special projects that required preparing your mind, body and soul, new solutions can now complete them continuously, 24×7.

Identity Threat Detection and Response (ITDR) solutions, such as Illusive, can help make this possible. Illusive automates these time-consuming and error-prone manual processes by communicating with AD and/or Azure AD to continuously discover all of the devices in your environment – that is comprehensive visibility.

If you are working to mitigate risk, then you can enable Illusive to mitigate it for you (such as cleaning cached credentials off an endpoint) or send a ticket to a ticketing system so that another team member can handle the issue (such as reviewing user privileges). Illusive provides recommendations every step of the way. We may never see a world without “alert fatigue” but this sort of detection and response alleviates that pain.

Ultimately, Illusive is so much more efficient than spreadsheet management that it saves time (and time is money) and illuminates blind spots (that’s why we call our solution Illusive Spotlight). If anything here resonated with you, please contact Illusive to discuss how we can help.