Shyam Senthilnathan

January 25 · 5 min read

Local admin rights for Developers:
Balancing the scales between basic necessity and security risk

Do developers always need local admin rights?

Developers work with a variety of tools, often experimenting with multiple things. They would need to upgrade their OS, change settings to replicate bugs, downgrade/update software, and even build their own tools. Most of these actions require programmers to have local admin rights or root access on their systems.

While developers can work better with administrative access on their workstations, security teams need to lock down admin privileges for a secure environment. This creates a lot of back-and-forth arguments between the teams.

Security heads simply cannot allow installations of quick utilities without thinking about compromising security. Even though developers are tech savvy – they aren't immune from phishing attacks and being malware targets. Government institutes, and other regulated sectors are forced to control the freedom developers would normally like to have.

Potential risks of giving developers full admin rights:

Admin access to development tools, even though being a necessity, introduces a security risk, as malware can drop into critical production systems with something as simple as a website visit. A few cases highlight how software tools are easily cracked into:

CI/CD build pipelines are turning into highly privileged targets

Build pipelines handle continuous integration, delivery, and deployment on a regular basis. They help handle version control and automate the rapid development process for services and applications. More often than not, this requires software that can manage and organize the pipeline. A few leading tools in the CI/CD domain are Jenkins, GitLab, and Kubernetes (K8s), used widely by several organizations.

These tools in some way provide privileged access to the user or developer who may need them for a particular task. This access is the point-of-attack that is targeted by cybercriminals. Getting hands on the production environment not only undermines CI/CD security but also paves the way to full unrestricted admin access by lateral movement. Thus, turning build pipelines into high-value targets.

Integrated development environment tools (IDE) compromised through extensions

IDE’s allow developers quickly code applications allowing multiple utilities to be manually configured and integrated as part of the setup process. With IDE workbenches offering different utilities through extensions etc., new developers can easily get up to speed on a teams tools and workflows.

In recent times, malware has evolved to target the supply chain, and is distributed through open source software. Popular package repositories like npm and PyPI top the list for containing malware. But this doesn’t mean that less popular open source repositories are clean of malware.

Last year, malicious actors manipulated popular IDE software - Visual Studio Code. The VS Code Extensions Marketplace was targeted to increase the chances for developers to install malicious extensions into their development environment, which would then infiltrate their systems.

Revoking full administrative control – A harsh decision to make

While regulated industries are forced to revoke the admin rights from programmers, other organizations do it for the sake of better endpoint security. From a corporate licensing compliance perspective, it is still better to have a gate than not. Making them hop through awkward and complex hoops wastes their time and demoralizes them.

Eliminating the admin access altogether locks them out from performing basic job responsibilities and causes frustration. Developers even go to the extent of quitting if they are unable to efficiently perform their tasks. Finding a common ground boils down to balancing the scales between security and developer productivity.

Stop the war on local admin rights: Grant flexibility with control

Controls put in by IT administrators to stop devs from having local admin are often bypassed by developers with sound technical ability.

Experienced and determined engineers will always find a way to go around if you do not give some flexibility to accomplish their tasks. If not, the worst thing that could happen is that you’ll end up with shadow IT in your system. Flexibility, however, must be granted according to business needs and must be in line with security best practices.

This could mean different things for different organizations, while a small organization may prefer to grant admin rights to their developers while monitoring all their access activity, a large enterprise may have to full revoke admin rights and provision them access on-demand.

While the use-cases between companies vary, the crux of the problem remains the same – difficulty in granting admin rights in accordance with company policies while not affecting your engineers' day-to-day tasks.

Give developers full power over their workstations, as/when needed

Keeping both parties (IT Security team and DevOps) satisfied - requires defining granular policies that are intricate to an organization's requirements. The most common use cases surrounding developer admin access are:

  • Removing admin rights for developers and granting just-in-time elevated access on approval by relevant supervisors or authorized personnel.
  • Allowing engineers only to access specific approved/authorized applications
  • Blocking access to certain malicious applications while allowing all other developer tools
  • Allowing devs to get admin access for a limited time period, while monitoring and logging all admin activity performed.

Endpoint privilege management (EPM) solutions come in handy, they let you tackle multiple scenarios by controlling admin access through policies. With an EPM solution, the system administrator, or security person in charge would define centralized control policies for developers in the organization.

This can be done comprehensively, allowing certain users to access certain applications on certain computers. Developers can also be given the option self-service admin rights, for when their requirements are not defined by a control policy, or they wish to install a new application.

Securden EPM can balance the scales

Securden EPM has all the capabilities that organizations would need to control admin access to development tools in the way that suits them. An overview of what you could achieve with Securden EPM:

  • Discover the software stack commonly used by your developers and create a list of approved applications
  • Remove local admin rights for developers and grant them access to the approved applications/software
  • Grant full admin access for a limited time frame to carry out upgrade/install tasks
  • Allow users to request for access to new applications, or request for admin access and use them upon approval
  • Configure automatic approval policies, so developers can seamlessly run the programs they require while monitoring all critical activity.

Securden EPM lets you secure endpoints across the organization and prevent malware – while keeping user productivity high. Whether you organization is fully self-hosted on-premises, hosted completely on the cloud or has a hybrid environment – Securden Endpoint Privilege Manager can cater to its needs.

Try it out for yourself now with a 30-day free trial!.

Recent Topics