Least Privilege Security Model
I am finding in my daily work that everyone talks about and wants the least privilege security model until want access to something. We can redesign a network share and say that only groups are allowed and that we are not to allow user access to directly to have access and within a month of going live there is a handful of user accounts listed. What I also find funny is how people react when you ask why? Why do you need this access? You would think I am asking them to justify why they exist. My goal is to be able to document and justify why I have granted access to something (share, server, etc.) and they get offended. Using the model of least privilege help to protect everyone and the company.
Life as a G33k
I am sitting here on my main desktop writing this. On one tab of FireFox I have my Facebook open. On the next tab I have this page open. I have my uTorrent runningin the background. My laptop sits next to me with a VPN connection in to work. I am running scripts and adding accounts in to group and verifying that the servers got the correct grouping. My IDS is humming along. My ESXi server is pumping out the heat as the server tries to keep the 8 processors cool. I have 4 IM windows up on the laptop and 3 chat windows in facebook. I have 7 command prompt windows pinging servers asking them if they are still up.
It is now 1:35am and I have been up since 5:30am the day before. No worries, I got my energy drink (Monster Khaos). Odds are I will be in to work between 9 and 10am. Why? Because I have 40 tickets to complete and more to be assigned.
Such is the life of a geek.
B-)
Archives
- July 2010 (3)
- May 2010 (3)
- March 2010 (2)
- February 2010 (4)
- January 2010 (5)
- December 2009 (5)
- November 2009 (2)
- October 2009 (2)
- September 2009 (3)
- August 2009 (1)
- July 2009 (3)
- June 2009 (8)
Tags
Begging for money
