Least Privilege
The first step in implementing separation of duties is to remove unnecessary user privileges. Any unnecessary privilege provides an opportunity for a user to violate the AUP and perform unauthorized data access. It makes sense to use access controls to prevent unauthorized data access. The process of allowing only the level of access your users require might be tedious, but it is necessary to secure sensitive data.
Get Auditing IT Infrastructures for Compliance, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
