4 Responses 02/11


Jacob Work:

The main objective of the least privilege concept is to allow users to gain access to the database based on their needs, with restriction enabled on certain sets of data which are confidential. Least privilege is a practice of restricting access rights to specific accounts, users, computing services, etc., and providing access to a limited number of users to execute their activities. With the aid of providing least privilege services, it will ensure users will be provided with the right content and there is no wastage of data and time, and it can reduce the chances of unnecessary risks or interruptions, as several users work on the database and it is difficult to arrange the services without any interruption and traffic concerns.

For instance, consider a user belonging to the development department who needs access to computer language code and respective details; providing them with other service access will complicate the process and result in wastage of time and interruption to others. Restricting such access rights is referred to as the principle of least privilege. The principle of least privilege will enable limited services to users based on the needs of their work. With the aid of the least privilege concept, one can reduce the potency of risks and threats, as confidential data is accessed through limited sources and management can monitor the access, as least privilege is provided by management and will restrict access to sensitive data. This will also compromise the attacks from origin of the attack and restrict it from spreading to other systems (Hammad et al., 2019).

Based on the needs of the organisations, most of the privileges are accessed and are role based or depend on experience and expertise. “Implementing the POLP helps contain compromise to their area of origin, stopping them from spreading at large” (Nate, 2018). The principle of least privilege has the potential to make a huge impact on database security if it is implemented successfully. Authentication and authorisation also play a crucial role in POLP, and these steps will ensure that only authenticated users with authorisation will be allowed to gain access and have to follow two-step verification. In this modern technological world, there are high chances of data breaches which will negatively impact the business; many firms have been the victims of data breaches, which pose great damage to the entire business. Upon considering such aspects of data loss, it is important to maintain a high level of security, and necessary measures like POLP will ensure better security of data flow; failing to do so will face the consequences (Mendoza, 2018).

System security is enhanced with the aid of the principle of least privilege because unknown users are not allowed to gain access and are restricted from downloading and installing software applications which hold malware content and can pose great damage to the system. POLP will restrict users from executing such actions and will increase the security standard. Better regulatory compliance and data security are possible with the principle of least privilege. It is also experienced that with the principle of least privilege a better incident response plan is executed, and change management and respective configurations are possible (Ellen, 2020).

References:

Nate. Lord. (2018, September 12). What is the Principle of Least Privilege (POLP)? A Best Practice for Information Security and Compliance. https://digitalguardian.com/blog/what-principle-least-privilege-polp-best-practice-information-security-and-compliance

Mendoza, M. (2018). The principle of least privilege and how it can used in cybersecurity. Retrieved from https://www.welivesecurity.com/2018/07/02/principle-least-privilege-strategy/

Hammad, M., Bagheri, H., & Malek, S. (2019). DelDroid: An automated approach for the determination and enforcement of least-privilege architecture in android. Journal of Systems & Software, 14(9), 83-100. DOI: 10.1016/j.jss.2018.11.049.

Ellen Neveux. (2020). 5 advantages of the principle of least privilege. Available at: https://www.securelink.com/blog/what-are-the-benefits-of-the-least-privileged-principle/.

Dushyanth Work:

Week 5 Discussion Principle of Least Privilege

Lord (2020) argues that, “The principle of least privilege (POLP) is the idea that at any user, program, or process should have only the bare minimum privileges necessary to perform its function.” Therefore, one need not access unauthorized data void of valid reasons. It implies that user accounts should not be allowed to possess administrator privileges. Moreover, programmers have no right to tamper with an organization’s finances (Lord, 2020). The principle has several merits to information security experts.

The POLP ensures that users have only enough access rights aligned with their required operations. It prevents data attacks since hackers cannot compromise low-level user accounts and access highly sensitive data (Lord, 2020). The hackers will only access data in the compromised region and fail to advance to the entire system. The author noted that, “Edward Snowden was able to leak millions of NSA files because he had admin privileges, though his highest-level task was creating database backups” (Lord, 2020). The incident demonstrated compromise of the POLP.

The management increased security by implementing the POLP. It ensured that 90% of the workers could not utilize administrator privilege (Lord, 2020). The principle also assists in reducing the attack surface. In the case of the Target breach, the 70 million Target customer data stolen resulted from breach of the POLP. The management allowed an HVAC contractor to upload an executable, which was beyond his roles (Lord, 2020). The implementation of POLP could have reduced the threat from the contractor.

The principle also mitigates the system from malware propagation. “Malware that infects a system bolstered by the principle of least privilege is often contained to the small section where it entered first” (Lord, 2020). The malware will be detected in its area of origin before it escalates. The management should also rely on the POLP to comply with different regulations (Lord, 2020). Therefore, it avoids challenges during audits or litigation.

Organizations have different employees who have their specific roles in data management. For instance, we have the primary administrator and email team in an organization. Svidergol (2019) argues that, “If the organization does not enforce least privileges, both the primary administrator and the email administrators might be granted administrative access to all the company’s servers, which introduces unnecessary risk.” The weakness allows primary administrators to compromise the roles of their counterparts void of accountability. It should be addressed by employing the POLP, which will limit the roles of each employee (Svidergol, 2019). The principle also reduces the probability of accidental and deliberate damage.

Organizations can address various identity risks using the POLP. The risks are separation of duty, dormant identities, privilege escalation, and toxic combinations. It is evident that, “Separation of duties (SoD) is an internal control concept commonly applied which involves the sharing of a set of responsibilities and privileges among multiple users with the intention of preventing fraud and error” (Kedrosky, 2020). SoD addresses conflict of interest and wrongful acts. It also detects control failures in security measures. The POLP ensures that all identities, either people or non-people, have distinct roles.

References

Kedrosky, E. (2020, July 10). Getting to and Maintaining the Principle of Least Privilege. Sonrai Security

Lord, N. (2020, December 1). What is the Principle of Least Privilege (POLP)? A Best Practice for Information Security and Compliance. The Digital Guardian.

Svidergol, B. (2019, April 30). What is the Principle of Least Access? Netwrix
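
An added example, not part of either post above: a small entitlement audit that flags three of the identity risks discussed (privileges beyond what the role needs, toxic combinations that break separation of duties, and dormant identities). The role baselines, privilege names, conflict pairs, 90-day threshold and identities are all constructed assumptions for illustration.

```python
from datetime import date

# Constructed sample data (assumptions for illustration, not from a real system).
ROLE_BASELINE = {                      # minimum privileges each role needs
    "email_admin": {"mail:admin"},
    "developer": {"code:read", "code:write"},
    "backup_operator": {"db:backup"},
}
# Privilege pairs one identity must never hold together (separation of duties).
TOXIC_PAIRS = [("code:write", "finance:write"),
               ("payments:create", "payments:approve")]
DORMANT_AFTER_DAYS = 90
TODAY = date(2021, 2, 11)

IDENTITIES = [  # people and non-people (service accounts) alike
    {"name": "alice", "role": "email_admin",
     "grants": {"mail:admin", "servers:admin"}, "last_used": date(2021, 2, 1)},
    {"name": "bob", "role": "developer",
     "grants": {"code:read", "code:write", "finance:write"},
     "last_used": date(2021, 2, 5)},
    {"name": "svc-backup", "role": "backup_operator",
     "grants": {"db:backup"}, "last_used": date(2020, 9, 1)},
    {"name": "carol", "role": "backup_operator",
     "grants": {"db:backup"}, "last_used": date(2021, 2, 10)},
]

def audit(identity, today):
    """Return a list of (finding, details) tuples for one identity."""
    findings = []
    grants = identity["grants"]
    # An unknown role has an empty baseline, so every grant counts as excess.
    excess = grants - ROLE_BASELINE.get(identity["role"], set())
    if excess:
        findings.append(("excess", sorted(excess)))
    for a, b in TOXIC_PAIRS:
        if a in grants and b in grants:
            findings.append(("toxic_combination", [a, b]))
    if (today - identity["last_used"]).days > DORMANT_AFTER_DAYS:
        findings.append(("dormant", [identity["last_used"].isoformat()]))
    return findings

def audit_all(identities, today):
    """Map identity name -> findings, omitting identities with none."""
    report = {i["name"]: audit(i, today) for i in identities}
    return {name: f for name, f in report.items() if f}

if __name__ == "__main__":
    for name, findings in audit_all(IDENTITIES, TODAY).items():
        print(name, findings)
```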