
Principle of Least Privilege

Did you know? A 2023 analysis of just over 1.8 million passwords ranked ‘admin’ as the most popular password with over 40,000 entries.

The strategies we’ll cover in this course all have the principle of least privilege at their core:

This is the principle that a security architecture should be designed so that each entity is granted the minimum system resources and authorizations that the entity needs to perform its function.

Following this principle is important because it reduces the overall attack surface and, in turn, the potential for breaches. This principle is a core part of several compliance frameworks. For example, data minimization, or storing only the minimum amount of customer data necessary, is a key part of GDPR compliance.

Insider threat and the principle of least privilege are particularly important in IT tools, because IT personnel are often admins for business-critical infrastructure. As such, compromising the credentials of an IT admin can have catastrophic consequences for an organization. It’s no surprise that research shows admins are three times more likely to be targeted by cyber attackers due to their elevated permissions.

While policies and education are central to any cybersecurity strategy, we’ll be focusing on some of the more tactical strategies for implementing these policies. In this course, we’ll be going over three specific strategies:

  1. Access Controls 
  2. Automation 
  3. Audits and Accountability