Least Privilege Examples, as told by the Three Ghosts of “A Christmas Carol”








With the holiday season upon us, it’s a good time to settle down with a beloved story. I re-watched the Charles Dickens classic, A Christmas Carol, the other day (well, actually it was Scrooged with Bill Murray, of course) and found myself thinking about the parallels with cyber security. Really, I did.


In the story, Ebenezer Scrooge is first visited by the Ghost of Christmas Past. They watch scenes from the past, rich with examples that made Scrooge into the miserable person he became. Next, the Ghost of Christmas Present and Scrooge look in on the Cratchit family, where he sees their humility and love for each other. It’s a stark example of what he doesn’t have in his own life. Last, the Ghost of Christmas Future shows Scrooge what will befall him if he doesn’t change his ways.






I started thinking: What if we were visited by ghosts like these? What examples would they share that would cause us to change our cyber behavior today?


I think they’d show us scenarios of companies that failed to take proper precautions and suffered the consequences.


In that spirit, let’s “visit” organizations that suffered an avoidable loss by not adopting the principle of least privilege security. These examples of least privilege security breaches illustrate how embracing this critical cyber security principle today can change your future.






Least Privilege Examples from the Ghosts of Cyber Past


1. The Ghosted Device


IT organizations often use ghosted images to provision user endpoints with a common configuration. While this approach improves efficiency, when done improperly it can create a gaping security hole: users who should have ..
