RICH'S MONTHLY ARTICLE

Least privilege...

No, I am not talking about how you don’t get the ideal parking space or how the guys in the other office get all the latest technology. What I am referring to is the day-to-day grind of securing your systems and network. You hear it all the time: “If you gave me all the rights I need, I wouldn’t have to call you.” It is the battle cry of end users everywhere and the statement that gives administrators nightmares. Why practice least privilege? The question should be: why not practice least privilege? Giving users only what they need to accomplish their tasks, and nothing more, is the best countermeasure to a variety of attacks.

Attacks against your systems or network usually start with the compromise of a user’s account, thereby gaining the rights and privileges of that user. If that user has all the rights of an operating system, this is the first in a series of steps that will lead to the compromise of your security measures. How does this happen? Well, for instance, a user might somehow download a Trojan horse or some other malicious code by visiting a suspect web site, or by downloading attachments from email. Of course, my user would never do that. Not with corporate policy stating that “no attachments will be downloaded without IT testing and verifying the attachment to be clean of malicious code…” If a user has unrestricted access to a system, then any process started by that user will have unrestricted access. While this lets the user be very productive without having to call an administrator, it also gives malicious code the opportunity to run with the same rights and privileges. The Trojan horse is designed to take advantage of a user, or of a process started by that user, to gain unrestricted access to system resources.
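The inheritance described above can be checked directly. The following is an added example, not part of the original article: it assumes a POSIX system with Python 3, and the list of sensitive paths and all function names are illustrative choices. It compares the credentials of a child process with those of the account that started it, then lists which sensitive files that account (and so anything it runs) can modify.

```python
import json
import os
import subprocess
import sys

# Illustrative list (assumption): files an ordinary account should not be
# able to modify on a typical POSIX system.
SENSITIVE_PATHS = ["/etc/passwd", "/etc/shadow", "/etc/sudoers"]

# Small program run in the child process to report its own credentials.
_PROBE = (
    "import json, os; "
    "print(json.dumps({'euid': os.geteuid(), 'egid': os.getegid(), "
    "'groups': sorted(os.getgroups())}))"
)


def own_credentials():
    """Credentials of the current (parent) process."""
    return {
        "euid": os.geteuid(),
        "egid": os.getegid(),
        "groups": sorted(os.getgroups()),
    }


def child_credentials():
    """Start a new process and return the credentials it ends up with."""
    result = subprocess.run(
        [sys.executable, "-c", _PROBE],
        capture_output=True, text=True, check=True,
    )
    return json.loads(result.stdout)


def writable_sensitive_paths(paths=SENSITIVE_PATHS):
    """Paths this account, and therefore any code it launches, can modify."""
    return [p for p in paths if os.path.exists(p) and os.access(p, os.W_OK)]


def report():
    parent = own_credentials()
    return {
        "child_inherits_parent_rights": child_credentials() == parent,
        "running_as_root": parent["euid"] == 0,
        "writable_sensitive_paths": writable_sensitive_paths(),
    }


if __name__ == "__main__":
    print(json.dumps(report(), indent=2))
```

Run from an ordinary account, the writable list should be empty; run from an administrative account, every path that exists is listed, and the same would hold for any program that account starts.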

Practicing least privilege limits the damage from a threat that a user will (not if, but WILL) introduce into your systems or network. While the calls from the occasional user do become a nuisance, they serve another purpose: they are their own form of monitoring, letting you know that your security measures are in place and working. Otherwise you wouldn’t be getting those calls.

Rich Llanas, CISSP, MCSE 

©TechNow, Inc. 2003. All rights reserved.