Preventing Good People from doing Bad Things

Implementing Least Privilege

  • Authors
  • John Mutch
  • Brian Anderson

Table of contents

  1. Front Matter
    Pages i-xii
  2. John Mutch, Brian Anderson
    Pages 1-21
  3. John Mutch, Brian Anderson
    Pages 23-40
  4. John Mutch, Brian Anderson
    Pages 61-77
  5. John Mutch, Brian Anderson
    Pages 79-96
  6. John Mutch, Brian Anderson
    Pages 97-111
  7. John Mutch, Brian Anderson
    Pages 113-126
  8. John Mutch, Brian Anderson
    Pages 141-161
  9. John Mutch, Brian Anderson
    Pages 163-175
  10. John Mutch, Brian Anderson
    Pages 177-189
  11. Back Matter
    Pages 191-197

About this book

Introduction

In today’s turbulent technological environment, it’s becoming increasingly crucial for companies to know about the principle of least privilege. These organizations often have the best security software money can buy, with equally developed policies with which to execute them, but they fail to take into account the weakest link in their implementation: human nature. Despite all other efforts, people can sway from what they should be doing.

Preventing Good People from doing Bad Things drives that concept home to business executives, auditors, and IT professionals alike. Instead of going through the step-by-step process of implementation, the book points out the implications of allowing users to run with unlimited administrator rights, discusses the technology and supplementation of Microsoft’s Group Policy, and dives into the different environments least privilege affects, such as Unix and Linux servers, and databases.

Readers will learn ways to protect virtual environments, how to secure multi-tenancy for the cloud, information about least privilege for applications, and how compliance enters the picture. The book also discusses the cost advantages of preventing good people from doing bad things. Each of the chapters emphasizes the need auditors, business executives, and IT professionals all have for least privilege, and discuss in detail the tensions and solutions it takes to implement this principle. Each chapter includes data from technology analysts including Forrester, Gartner, IDC, and Burton, along with analyst and industry expert quotations.

Bibliographic information

  • DOI https://doi.org/10.1007/978-1-4302-3922-2
  • Copyright Information Apress 2011
  • Publisher Name Apress, Berkeley, CA
  • eBook Packages Business and Economics
  • Print ISBN 978-1-4302-3921-5
  • Online ISBN 978-1-4302-3922-2
  • About this book