You are previewing Preventing Good People from Doing Bad Things: Implementing Least Privilege.
O'Reilly logo
Preventing Good People from Doing Bad Things: Implementing Least Privilege

Book Description

In today's turbulent technological environment, it's becoming increasingly crucial for companies to know about the principle of least privilege. These organizations often have the best security software money can buy, with equally developed policies with which to execute them, but they fail to take into account the weakest link in their implementation: human nature. Despite all other efforts, people can sway from what they should be doing.

Preventing Good People from doing Bad Things drives that concept home to business executives, auditors, and IT professionals alike. Instead of going through the step-by-step process of implementation, the book points out the implications of allowing users to run with unlimited administrator rights, discusses the technology and supplementation of Microsoft's Group Policy, and dives into the different environments least privilege affects, such as Unix and Linux servers, and databases.

Readers will learn ways to protect virtual environments, how to secure multi-tenancy for the cloud, information about least privilege for applications, and how compliance enters the picture. The book also discusses the cost advantages of preventing good people from doing bad things. Each of the chapters emphasizes the need auditors, business executives, and IT professionals all have for least privilege, and discuss in detail the tensions and solutions it takes to implement this principle. Each chapter includes data from technology analysts including Forrester, Gartner, IDC, and Burton, along with analyst and industry expert quotations.

  • Why unlimited administration rights are a bad thing

  • Why least privileges is a good solution

  • Effective implementation of least privileges

  • Least privileges on Unix and Linux servers

  • Issues with Microsoft's Group Policy

Who this book is for

The audience is segmented into three separate categories, all of which are clearly addressed and weighed-in on in each chapter: the auditor, the businessman, and the IT professional.


The first segment are the information technology security auditors. They are the ones responsible for the analysis of technical, physical, and administrative controls in the organization(s) whose security is in question. Their work includes the auditing of data center personnel, computer equipment, all policies and procedures, physical and environmental controls, and back-up procedures. Because their jobs so heavily rely on established protocols for the protection of sensitive information, this segment of the market will find this book a must-read. Their main concern is making sure the companies they are inspecting are in compliance with regulations and are taking the appropriate measures to secure their information and the users accessing them. They will learn how least privilege is the only way to fully satisfy government security regulations, and it will give them necessary and cutting-edge information on how to correctly perform their jobs.


The second segment are the businesspeople. They are the ones who run the companies requiring least privilege. These individuals are driven by the bottom line, and are ultimately concerned with spending and returns on investment. While they may be interested in security and realize its importance, the motivation behind any decisions is saving the company money. They need this book because it will clearly outline the financial benefits of implementing least privilege. It will explain that, from a business point of view, least privilege is the only way to eliminate the misuse of privilege and avoid the extensive costs of security breaches, expensive audits, help desk costs, and costly hours of IT troubleshooting. They will read it and use it as a reference as they prepare financially for a more secure IT environment.

IT Professional

The third and final segment are the IT professionals. They are the ones who appreciate security for security's sake. They understand the implications of a noncompliant environment. They are on the forefront of the company's information environment. They manage users and those users' privileges. They download applications, grant privileges to users, process information, store information, program, install software, perform data management, network machines, and manage the networks they create. They need and will read this book because it will expand their understanding of the concept of least privilege and apply it to the environment in which they work. They will learn how to supplement Group Policy to attain least privilege, how to protect their environments, and how to carry security throughout their enterprise. This book will teach them new ways to look at the principle of least privilege, and it will educate them with the information necessary to receive executive and financial backing to the projects that will secure their network.

Table of Contents

  1. Title
  2. Dedication
  3. Contents
  4. About the Authors
  5. Acknowledgments
  6. Introduction
  7. Chapter 1: The Only IT Constant Is Change
    1. Internal vs. External Threats
    2. Privileged Identity Management Demystified
    3. Priv·i·leged i·den·ti·ty
    4. Privileged Accounts are Pervasive and Problematic
    5. People Need Boundaries, Not Walls
    6. Top 10 Reasons to Care About Who Has Privileged Access to Your IT
    7. Federal Mandates for Least Privilege
    8. The Yin and Yang of Security
    9. What To Expect Next
    10. Insiders Examined: The Villains
    11. Insiders Examined: The Heroes
    12. IT Infrastructure Requirements Examined
    13. Compliance and Governance Requirements Examined
    14. Hard and Soft Costs of Apathy Examined
    15. Final Observations and Best Practices Examined
    16. Weighing-In
  8. Chapter 2: Misuse of Privilege Is the New Corporate Landmine
    1. Disgruntled Dave Examined Closer
    2. Accident Prone Annie Examined Closer
    3. More Insider Breaches in the News
    4. Identity Thief Irene Examined Closer
    5. What Hackers Don't Want You To Know About User Privileges
    6. Top Five Excuses for Data Breaches and What They Really Mean
    7. HR and IT—How Security Can Make For Strange Bedfellows
    8. Perhaps It's Time to “Geek Up” HR
    9. Top Ten Reasons Good People Do Bad Things Without Least Privilege
    10. Weighing In
  9. Chapter 3: Business Executives, Technologists, and Auditors Need Least Privilege
    1. Secure Sam Examined Closer
    2. Least Privilege Lucy Examined Closer
    3. Compliance Carl Examined Closer
    4. The Problem Still Exists Between the Keyboard and Chair
    5. The Swiss Cheese Model
    6. Security Is a Team Sport and Least Privilege Is the Team Motto
    7. Weighing In
  10. Chapter 4: Supplementing Group Policy on Windows Desktops
    1. Six Things You Should Know Before Migrating to MS Windows 7
    2. Things You Should Know About MS UAC
    3. Things You Should Know About MS AppLocker
    4. Top Ten Reasons to Implement Least Privilege on Windows Desktops
    5. The “Do-Nothing” Approach
    6. Impact on the Help Desk
    7. Microsoft Published Vulnerabilities
    8. The Wild West
    9. Survey Results Validate Problem
    10. Least Privilege, Architecturally Speaking
    11. Putting Least Privilege into Practice
    12. Desktop Least Privilege in Production
    13. Unpredictable Environments
    14. Weighing In
  11. Chapter 5: Servers Are the Primary Target for Insiders and Hackers Alike
    1. Servers Store the Good Stuff
    2. Server Breaches in the News
    3. Black Market for Server Data
    4. The Architecture of Server Least Privilege
    5. Of WikiLeaks and Servers
    6. WikiLeaks and WikiWar
    7. Why Do You Sudo the Way You Do?
    8. Top Ten Reasons to Implement Least Privilege on UNIX and Linux Servers
    9. More Server Breaches in the News
    10. Case Study: Replacing Sudo in a Production Environment
    11. Vulnerability Scanning Requires Least Privilege
    12. Patching Needs Least Privilege
    13. Privilege Identity Management System Logs Help Spot Other Security Weaknesses
    14. Weighing In
  12. Chapter 6: Protecting Virtual Environments from Hypervisor Sabotage
    1. Virtual Theft
    2. Desktop Virtualization
    3. Desktop Registry and File System Virtualization
    4. The Virtual Shell Game
    5. Controlling Virtual Sprawl with Least Privilege
    6. Top Ten Reasons to Implement Least Privilege for Virtualized Servers
    7. Role-Based Access Control
    8. RBAC Is Not the Same as ACLs
    9. Too Much Trust?
    10. Least Privilege Architecturally Defined for Virtualized Environments
    11. Virtualized Least Privilege Value
    12. Weighing-In
  13. Chapter 7: Secure Multi-Tenancy for Private, Public, and Hybrid Clouds
    1. All Clouds Are Not Created Equal
    2. The Elusive Unicorn
    3. Top Ten Reasons to Implement Least Privilege For Private, Public & Hybrid Clouds
    4. Is the Cloud Inherently Secure or Insecure?
    5. Who's in Charge of Cloud Security?
    6. To the Cloud, or Not
    7. Security in Public Clouds
    8. Trusted Digital Identities
    9. Public Clouds Need Least Privilege
    10. A Rose by Any Other Name
    11. Case Study: Secure Multi-Tenancy in a Private Cloud
    12. Logs in the Cloud
    13. Implementing Least Privilege in the Cloud
    14. Weighing In
  14. Chapter 8: Applications, Databases, and Desktop Data Need Least Privilege, Too
    1. Servers Store the Good Stuff…In Databases
    2. DBA: The Privileged Database User
    3. Database Security Risks
    4. Legacy Applications Are Still Pervasive
    5. Desktops Have Legacy Application Challenges as Well
    6. Desktop DLP Helps Mitigate Different Insider Threats
    7. Compliance Audit Failures
    8. Stolen Fruit
    9. Top Ten Reasons to Implement Least Privilege for Applications and Databases
    10. In the News
    11. Why Give a DAM
    12. DAM Value
    13. Implementing Least Privilege for Databases
    14. Controlling Your Privileged Database Users
    15. Weighing In
  15. Chapter 9: Security Does Not Equal Compliance
    1. GRC Demystified
    2. Governance
    3. Risk
    4. Compliance: The Big C
    5. Case Study: Using Least Privilege to Meet Compliance
    6. The Demand of Compliance Versus the Ease of Open Source
    7. Walk on the Wild Side of a Failed Audit
    8. Case Study: Satisfying Auditing Challenges
    9. Balancing Security, Productivity, and Compliance
    10. The Tradeoffs Between Security and Productivity
    11. Weighing In
  16. Chapter 10: The Hard and Soft Cost of Apathy
    1. Lessons from Jérôme Kerviel
    2. Cyber Crime Can Be Lucrative
    3. How Much Is Your Code Worth?
    4. Lessons from Matt Miszewski
    5. One in 14 Can Cost You $129 Without Least Privilege
    6. Who's To Blame?
    7. Hard Versus Soft Costs
    8. The Soft Cost of Identity Breaches
    9. Case Study: Saving Help-Desk Costs
    10. Trust Alone Is Not an Option
    11. Calculating Your ROI for Least Privilege
    12. Cost-Justifying Least Privilege
    13. Weighing In
  17. Chapter 11: Final Thoughts for Least Privilege Best Practices
    1. Intent Versus Action
    2. Insider Threats Aren't Perpetrated By the Obvious
    3. Preventing Security Storms
    4. Bad Habits to Kick for IT Security
    5. Balance Security and Productivity
    6. Case Study: University Finds Balance
    7. Passwords Authenticate for Least Privilege
    8. Implement Least Privilege Now Not Later
    9. Weighing In
  18. Works Cited
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
    8. Chapter 8
    9. Chapter 9
    10. Chapter 10
    11. Chapter 11
  19. Index