The Concept of Least Privilege
The fundamentals are often the most underappreciated part of the job in cyber security. In order to achieve a well-managed, secure environment, there must be focus on limiting exposure to risk by reducing the amount of rights and access provided. This is often described as limiting your threat surface.
Least privilege essentially means to provide access to only what is required for a user to perform their job functions and nothing more. An example is that if a user role is sales, they likely do not require access to any of the data associated with the finance team. Broadly distributed access to shared resources is the easiest way for a ransomware attack to impact a much larger part of the environment.
A corollary to this, but perhaps the greatest source of risk, is administrative rights to a computer. Admin rights, or more specifically the ability to install software or edit operating system registry settings, should never be directly associated with a user account. Instead, this should require an elevation which challenges for a password and ideally a second factor authentication.
Simple tips to practice least privilege:
- Document the user role types you require and try to keep the list as small as possible
- Define rights required for each role type to only the required needs
- Establish authentication groups to match the role types and use-only groups in assigning privilege
- Ensure that no user has direct admin rights on a PC
- Create a checklist for yourself to regularly review and make modifications as required to the groups
Identifying (in Order to Improve) Your Path to the Cloud
Do you know how you’re connecting to the cloud? Knowing this will help you find the most efficient and economical way to get you what you need.
How to Get Approval for Building Security into Your Company—Even if It’s Not in Scope
Budgeting for IT costs is often a big challenge because of the many factors businesses can’t control. Learn how to present proposals to get the budget to tackle IT issues before they happen.
3 Takeaways from the Microsoft Exchange Hack
In early March, hundreds of thousands of Microsoft Exchange Server systems were jeopardized and seeded with a powerful backdoor Trojan horse program. What can we learn from this?
Scaling with the Right Connectivity
In recognition of the need for high growth and the ability to manage costs, Technium and Markley have constructed a service that delivers flexibility, performance and cost management in a way that provides you with the ability to pick services that make sense to your current and future needs.