To successfully comply with at least privilege policy, you must know which privileges you need to manage. Get started with IBM’s free endpoint application and least privilege discovery tools. IBM Privilege Manager helps with just that. Imagine how much damage and risk you will take away if you remove your business users from local admin groups, yet provide them with a way to install approved applications. That means finding out which endpoints and local users have admin or root credentials, identify which apps are in use and if they require admin rights to run and understand your risk level for service accounts and apps with an elevated set of privileges. To successfully comply with a least privilege policy, you must know which privileges you need to manage. During an audit, you may have to demonstrate how the principle of least privilege is applied and enforced in your organization to control administrative accounts. Regulations like PCI DSS, HIPAA, SOX, and NIST and CIS security controls recommend or require implementing a least privilege model as part of a compliance solution. All others operate as standard users with an appropriate set of privileges. Under a least privilege model, administrative accounts with elevated privileges are given only to people who really need them.
Many customers, users or applications have admin or root privileges with access to sensitive data/operating systems.
Least privilege requires that every user, application and system account have the minimum access to resources needed to do their job.
Security regulations call for a least privilege policy, which means limiting access to reduce your attack surface.
0 kommentar(er)
