Designing for #insiderrisk #TrustEverybodyButCutTheCards

Concepts particularly effective when thinking about insider risk:

#Leastprivilege: Granting the fewest privileges necessary to perform job duties, both in terms of scope and duration of #access.

#Zerotrust: Designing automated or #proxy mechanisms for managing systems so that insiders don’t have broad #access that allows them to cause harm.

Multi-party #authorization: Using technical controls to require more than one person to authorize #sensitive actions.

#Businessjustifications: Requiring employees to formally document their reason for accessing #sensitivedata or systems.

#Auditing and #detection: Reviewing all #accesslogs and justifications to make sure they’re appropriate.

#Recoverability
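As an added example (not part of the original post), here is one way the least-privilege, multi-party authorization, business-justification and auditing controls above combine into a single access-approval gate. The function names, the two-approver threshold and the one-hour grant window are assumptions; the requester can never count as one of their own approvers, and every decision lands in an audit log for later review.

```python
import time
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class AccessRequest:
    requester: str
    resource: str
    justification: str            # business justification, mandatory
    approvals: set = field(default_factory=set)  # distinct approvers only
    granted_until: Optional[float] = None        # epoch seconds; None = not granted

# Every decision is appended here so auditors can review access and reasons.
AUDIT_LOG: list = []

def _audit(event: str, req: AccessRequest, actor: str) -> None:
    AUDIT_LOG.append({"event": event, "actor": actor, "requester": req.requester,
                      "resource": req.resource, "justification": req.justification})

def request_access(requester: str, resource: str, justification: str) -> AccessRequest:
    """Open a request; refuse it outright if no justification is documented."""
    if not justification.strip():
        raise ValueError("a business justification is required")
    req = AccessRequest(requester, resource, justification)
    _audit("requested", req, requester)
    return req

def approve(req: AccessRequest, approver: str, required: int = 2,
            ttl_seconds: int = 3600, now: Optional[float] = None) -> bool:
    """Record one approval; grant time-bound access once `required` distinct
    approvers (other than the requester) have signed off. Returns True on grant."""
    if approver == req.requester:
        _audit("rejected_self_approval", req, approver)
        return False
    req.approvals.add(approver)   # a repeat approval by the same person adds nothing
    _audit("approved", req, approver)
    if len(req.approvals) >= required:
        now = time.time() if now is None else now
        req.granted_until = now + ttl_seconds   # least privilege in duration
        _audit("granted", req, approver)
        return True
    return False

def is_authorized(req: AccessRequest, now: Optional[float] = None) -> bool:
    """Access is valid only inside the granted window."""
    now = time.time() if now is None else now
    return req.granted_until is not None and now < req.granted_until
```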