Which of these best describes the policy of least privilege?
A) A safe combination is shared among multiple people
B) The shipping department is able to view orders but not modify orders
C) All key owners must be present to option a lockbox
D) A security audit is performed at regular intervals
E) A network administrator has configuration rights to all switches and routers
F) I usually don’t mind as long as there’s free soda and coffee
The answer: B) The shipping department is able to view orders but not modify orders
Least privilege describes the limits that are placed on a particular job function and they help determine exactly where those lines are drawn. You want to make sure that each job function has just enough rights and permissions to perform their job function, but you don’t want to give more rights than necessary. In this example, the shipping department is able to view orders for the shipping process, but their job function doesn’t include changing or modifying any customer orders.
Want to know more? Watch “Security Awareness.”When training your end user community, there are a number of security concerns that must be considered. In this video, you’ll learn which user habits, threat prevention techniques, and business policies should be implemented to keep everyone’s data as safe as possible. |