What access controls do you place on engineers to prevent insider threat?

Top Answer : A #ZeroTrust foundation with proper logging/alerting combined with the tried and true approach of "least privileges". It's about having context around behaviors, not draconian controls

38 views
4 comments
1 upvotes
Related Tags
Orange USB Stick
Software
A #ZeroTrust foundation with proper logging/alerting combined with the tried and true approach of "least privileges". It's about having context around behaviors, not draconian controls
3 upvotes
Orange Hard Drive
Software
Agree with on zero trust. Specifically for me, as soon as possible eliminate shared access accounts and in-application “god view” and support access without user notification/approval workflows. Shifting security both left into development and right into operations means making processes to be performed safe, automated, and auditable.
1 upvotes
Red Cloud
Construction
Zero Trust practices Eliminate admins or supervisor-mode accounts as much as you can. Implement and review logs, implement tools to detect uncommon behaviors Make sure your backups are working fine (and recovery)  Implement info protection policies using active directory or other tools
0 upvotes
Pink Monitor
Software
While we don’t use these, Security User Behavior Analytics (SUBA) & User Behavior Analytics (UEBA)  tools are gaining popularity. But….these can’t be used in a vacuum.  An effective insider threat program is a significant effort.
0 upvotes