Jun 022013
 

By Dominic Vogel at TechRepublic.com…

The bane of many information security pros’ existence is the never-ending quest of attempting to enforce the principle of least privilege. At its core, this is a data security issue, limiting the number of people having access to more data than they should (for example, someone in marketing having access to payroll records). Generally, any attempts to rein in access levels tend to be met with disdain as they are perceived as “trust” issues. While we can’t strip away all their privileges (this would grind the business to a halt, you can’t be too liberal either. This leads to privilege abuse or people being too timid about their data security responsibilities.

via How to successfully implement the principle of least privilege | TechRepublic.

 Posted by at 6:46 pm