Preventing Good People From Doing Bad Things: Implementing Least Privilege

Capa
Apress, 7 de dez. de 2011 - 220 páginas
In today’s turbulent technological environment, it’s becoming increasingly crucial for companies to know about the principle of least privilege. These organizations often have the best security software money can buy, with equally developed policies with which to execute them, but they fail to take into account the weakest link in their implementation: human nature. Despite all other efforts, people can sway from what they should be doing.

Preventing Good People from doing Bad Things drives that concept home to business executives, auditors, and IT professionals alike. Instead of going through the step-by-step process of implementation, the book points out the implications of allowing users to run with unlimited administrator rights, discusses the technology and supplementation of Microsoft’s Group Policy, and dives into the different environments least privilege affects, such as Unix and Linux servers, and databases.

Readers will learn ways to protect virtual environments, how to secure multi-tenancy for the cloud, information about least privilege for applications, and how compliance enters the picture. The book also discusses the cost advantages of preventing good people from doing bad things. Each of the chapters emphasizes the need auditors, business executives, and IT professionals all have for least privilege, and discuss in detail the tensions and solutions it takes to implement this principle. Each chapter includes data from technology analysts including Forrester, Gartner, IDC, and Burton, along with analyst and industry expert quotations.

 

Páginas selecionadas

Conteúdo

CHAPTER 1 The Only IT Constant Is Change
1
CHAPTER 2 Misuse of Privilege Is the New Corporate Landmine
23
CHAPTER 3 Business Executives Technologistsand Auditors Need Least Privilege
41
CHAPTER 4 Supplementing Group Policy on Windows Desktops
61
CHAPTER 5 Servers Are the Primary Target for Insiders and Hackers Alike
78
CHAPTER 6 Protecting Virtual Environments from Hypervisor Sabotage
97
CHAPTER 7 Secure MultiTenancy for Private Public and Hybrid Clouds
113
CHAPTER 8 Applications Databases and Desktop Data Need Least Privilege Too
127
CHAPTER 9 Security Does Not Equal Compliance
141
CHAPTER 10 The Hard and Soft Cost of Apathy
162
CHAPTER 11 Final Thoughts for Least Privilege Best Practices
177
Index
190

Outras edições - Ver todos

Preventing Good People From Doing Bad Things: Implementing Least Privilege
Brian Anderson,John Mutch
Prévia não disponível - 2011
Preventing Good People From Doing Bad Things: Implementing Least Privilege
Brian Anderson,John Mutch
Prévia não disponível - 2011

Termos e frases comuns

access control accidental accounts Active Directory admin rights administrative privileges administrator rights allow AppLocker assets audit best practices Chapter cloud computing cloud providers cloud vendors company’s Compliance Carl configuration corporate cost credentials customers data breaches database employees ensure enterprise governance hackers help desk HIPAA Hybrid Clouds hypervisor identity management Implement Least Privilege implementing a least infrastructure insider threats keystroke logging Least Privilege Lucy least privilege solution legacy applications lege Linux logging malware Microsoft mission-critical misuse of privilege mitigate monitor Need Least Privilege open source organizations PCI DSS potential private cloud privi privilege identity privileged access privileged users problem productivity protect RBAC responsible risk role root password sensitive data sensitive information separation of duties specific Sudo superuser things tion today’s trust University of Winchester UNIX virtual environment virtual servers VMware vulnerabilities WikiLeaks Windows Vista

Sobre o autor (2011)

Brian Anderson brings more than 25 years of global enterprise software and security industry experience to BeyondTrust, where he will be responsible for all aspects of corporate brand development, lead and demand generation to increase awareness and interest in all customer and investor segments. In addition, he will be responsible for building a VAR channel to expand distribution for BeyondTrust products globally. Prior to BeyondTrust, Anderson served as a serially successful chief marketing officer for several venture-funded companies. At Siderean Software, his branding efforts garnered rave reviews and numerous awards, including innovator status in the Gartner Magic Quadrant. At Avamar Technologies, his leadership resulted in a huge revenue increase and numerous awards. Avamar was subsequently acquired by EMC. Prior to Avamar, Anderson was director of marketing at IBM s Tivoli Security and Storage, a role he inherited after successful building industry leader Access360 s brand and sales pipeline through successful positioning for a sale to IBM. Anderson also served as chief marketing officer of HNC Software, which experienced tremendous growth during his tenure and was successfully acquired by Fair Isaac in 2002. Anderson served for seven years prior to HNC at FileNet Corporation, culminating in his role as vice president of worldwide corporate marketing. At FileNet, Anderson built a tremendous global channel organization that ultimately represented almost 50 percent of the company s revenue. He received his bachelor of science degree in computer science from the University of New Orleans.

Informações bibliográficas

TítuloPreventing Good People From Doing Bad Things: Implementing Least Privilege
SpringerLink : Bücher
AutoresBrian Anderson, John Mutch
Ediçãoilustrada
EditoraApress, 2011
ISBN1430239220, 9781430239222
Num. págs.220 páginas
  
Exportar citaçãoBiBTeX EndNote RefMan