In today's turbulent technological environment, it's becoming
increasingly crucial for companies to know about the principle of
least privilege. These organizations often have the best security
software money can buy, with equally developed policies with which to
execute them, but they fail to take into account the weakest link in
their implementation: human nature. Despite all other efforts, people
can sway from what they should be doing.
Preventing Good People from doing Bad Things drives that concept home
to business executives, auditors, and IT professionals alike. Instead of
going through the step-by-step process of implementation, the book
points out the implications of allowing users to run with unlimited
administrator rights, discusses the technology and supplementation of
Microsoft's Group Policy, and dives into the different environments
least privilege affects, such as Unix and Linux servers, and databases.
Readers will learn ways to protect virtual environments, how to secure
multi-tenancy for the cloud, information about least privilege for
applications, and how compliance enters the picture. The book also
discusses the cost advantages of preventing good people from doing bad
things. Each of the chapters emphasizes the need auditors, business
executives, and IT professionals all have for least privilege, and
discuss in detail the tensions and solutions it takes to implement this
principle. Each chapter includes data from technology analysts including
Forrester, Gartner, IDC, and Burton, along with analyst and industry
expert quotations.
