Just-in-time Database Access
Table of Contents
Just-in-time database access is about managing access to specific databases. It has a lot of moving parts and may seem complicated, but there are things that can be done that make it much easier.
In this blog, we’ll explore roles and how access management to databases works today, why direct access to databases is needed, what an agile approach to access management is, and the ways that just-in-time database access makes the whole process much easier and safer.
All About Roles
In the database world, a role is a group of privileges that can be assigned to one or more users, and a user can have one or more roles assigned to him.
There are two ways to provision access today. Users have the option to manage identities directly inside the database, or they can connect them to existing identity sources like Active Directory or Okta.
- Mapping user identities to roles and permissions. This allows the admin the ability to control access to resources for users already managed in the company’s identity provider.
- Creating new roles. This means you need to go in and manually create the role you need, then you need to assign that role to each group in the Identity Provider, one-by-one.
Problems with the above
- Time-consuming. Creating roles in each db and provisioning the right one for each user takes a lot of manual work and a lot of time.
- Not adaptable. Once a set of permissions is attached to a role, then anyone in the group will have the same pre-defined permissions. There is no ability to adjust the permissions per person. This leads to over-privileges because groups are usually granted more permissions than each developer needs just in case they are needed at some point.
- Unsecure. RBAC doesn’t take credential stealing or losing passwords into consideration even though 80 percent of breaches happen due to lost or stolen passwords.
Why it’s Important to Limit Direct Access in the First Place
Companies strive to limit direct access to databases for many reasons, such as security, as a fail-safe against potential human errors and a number of other benefits. No matter the reason, this type of least-privilege access policy has led to a rise in popularity for BI tools such as BigQuery and Elasticsearch. These tools allow analysts or devs the opportunity to access the data without directly accessing the production environment.
Why Situations Exist When Access Needs to be Direct
Although it’s prudent to follow the zero-trust approach, there are still times when it’s necessary for engineers to enter the production environment immediately, for example, during incidents. Without immediate access to fix things in production, problems can persist and the MTTR rises, resulting in lost time, lost resources and lost money.
A few examples are the following:
- Supporting customers
- Maintenance and implementations
- Adding database integrations
- Eliminating silos between developers and operations
Just-in-Time Database Access
Provisioning Just-in-Time (JIT) database access enables users to obtain temporary, on-demand privileged access to resources. This approach falls under identity access management or privileged access management and is particularly designed to address scenarios where certain users may not regularly require access to specific applications or services. However, they can gain timely access to these resources when necessary, but only for a limited duration.
Compared to the concept of standing privileges, which grants users constant, broad access to resources, Just-in-Time database access provisioning takes a different approach. It ensures that all access is strictly temporary and granted only to the required resources, what’s called, “Just Enough” access.
Furthermore, this system typically limits access based on roles, aligning with the principle of least privilege (POLP), a requirement in many policies and regulations. The core idea behind Just-in-Time access is to eliminate permanent authorizations or unending access to critical infrastructures, gaining increasing momentum in the security landscape but is also very helpful in maintaining a more stable, yet agile production environment.
By default, Just-in-Time database access makes all access temporary, consistently verifying the validity of users, connections, roles, and privilege levels during every connection establishment. This approach effectively removes implicit trust from the equation, aligning with the fundamental philosophy of the Zero Trust framework – “never trust, always verify.”
The Benefits of Just-in-Time Database Access
- Reducing MTTR: By implementing just-in-time database access, organizations can improve incident response times. When access is restricted and granted on-demand, the risk of unauthorized or accidental changes is minimized. This reduces the chances of introducing new issues during the repair process. Additionally, time-restricted access ensures that only qualified individuals can make the necessary repairs, leading to quicker and more efficient incident resolution.
- Decreasing Human Error Incidents: Human errors are a common cause of incidents and security breaches. By removing standing privileges and implementing just-in-time access, organizations limit the opportunities for human error to occur in production environments. Access is granted precisely when needed and for specific tasks, reducing the likelihood of unintended changes or mistakes.
- Increasing Security: As mentioned earlier, just-in-time access significantly enhances security. By providing temporary and restricted access to resources, the attack surface is reduced. Even if credentials are compromised, the access will be time-limited and tightly controlled, mitigating the potential impact of a breach. This approach aligns with the principle of least privilege, ensuring users only have access to what is necessary for their roles.
- Proving Compliance: Compliance with various regulations and industry standards often requires strict control over access to sensitive data and resources. Just-in-time access provides a well-documented and auditable access management system. The ability to generate detailed audit reports that show precisely when and by whom resources were accessed helps organizations demonstrate compliance during audits and regulatory reviews. This process streamlining saves time and resources during compliance assessments.
Overall, just-in-time access is a powerful approach to access management that not only increases security but also supports incident response efforts and regulatory compliance.