What is Break-glass Access?

What is Break-glass Access?

What is Break-glass Access?

Break-glass access, also known as emergency access, enables designated users to bypass normal access controls in order to perform immediate problem resolution or to conduct critical operations in emergency situations. The term originates from the concept of breaking glass to access a fire extinguisher or alarm in an emergency. It is a vigilant protocol set in place to ensure system stability and continuity when standard procedures cannot address an urgent issue.

The Necessity of Break-Glass Access

Break-glass access exists to provide immediate intervention during critical or catastrophic system events. This can encompass anything from severe technical disruptions that affect the operation or performance of an application, to potentially catastrophic events such as cyberattacks or data breaches. By giving predetermined users break-glass access, businesses can promptly respond to such emergencies, limiting damage and downtime

Who Can Use Break-Glass Access?

Typically, break-glass access is granted to highly trusted system operators or administrators who have undergone thorough security training and have a comprehensive understanding of the system they are managing. As this access level enables users to bypass traditional security protocols, it can lead to a potential abuse of power or unintended security vulnerabilities if granted irresponsibly.

The Use and Prevalence of Break-Glass Access

Break-glass access is utilized through a detailed process, which includes the careful selection and verification of users, documentation of these users’ responsibilities, and the creation of an audit trail capturing all activities performed under this access. Immediate revoking of the emergency access once the situation is resolved is also mandatory to maintain overall system security. As for its prevalence, while not a ubiquitous procedure in all cybersecurity contexts, break-glass access is a common practice in industries with substantial data protection obligations, such as healthcare and finance.

Break-Glass Access in Cloud Infrastructure and SaaS

In the context of Cloud infrastructure and Software-as-a-Service (SaaS), break-glass access is a pivotal element of an effective incident response strategy. As organizations increasingly depend on these technologies for their core business functions, the potential impact of system disruptions or security breaches is more catastrophic than ever before. To mitigate these risks, many cloud providers and SaaS platforms incorporate break-glass capabilities into their identity and access management (IAM) systems, facilitating rapid response to emergency scenarios while maintaining stringent access controls and audit capabilities. A popular implementation of break-glass protocol is a self-serving just-in-time access.

Break-glass Access


1. What role does Identity and Access Management (IAM) play in break-glass access?  

IAM plays a crucial role in break-glass access. The process involves strict access control measures in terms of who can have the access and when. IAM tools help in managing these accesses, thus ensuring that only authenticated and authorized users gain break-glass access.

2.  How does break-glass access relate to permission management?    

Break-glass access is a part of permission management. It's designed to grant permissions to critical systems on a temporary basis during emergencies. Afterwards, the temporary permissions are revoked to return the systems to their normal and secure state. The process should be well-documented and monitored to avoid misuse.

3. How does the principle of least privilege access apply to break-glass access?  

The principle of least privilege access implies that users should only be given the minimum access to perform their job functions. While break-glass procedures might temporarily violate this principle in emergency situations, proper monitoring and swift revocation of elevated privileges should be in place to ensure the principle is reestablished promptly.

4. How does break-glass access fit into a DevOps or cybersecurity plan?  

In a DevOps environment, break-glass access allows developers or operations staff to quickly react to major incidents, and therefore help to reduce downtime. However, from a cybersecurity perspective, break-glass procedures must be carefully managed, as they can potentially introduce risks. Therefore, strong monitoring and auditing measures must be in place to mitigate any potential threats.

It's 2024,

Entitle Just In Time Access - CTA
See how easy it is to automate