What access controls do you place on engineers to prevent insider threat?

A #ZeroTrust foundation with proper logging/alerting combined with the tried and true approach of "least privileges". It's about having context around behaviors, not draconian controls

38 views
4 comments
1 upvotes
Related Tags
Anonymous Author
A #ZeroTrust foundation with proper logging/alerting combined with the tried and true approach of "least privileges". It's about having context around behaviors, not draconian controls
3 upvotes
Anonymous Author
Agree with on zero trust. Specifically for me, as soon as possible eliminate shared access accounts and in-application “god view” and support access without user notification/approval workflows. Shifting security both left into development and right into operations means making processes to be performed safe, automated, and auditable.
1 upvotes
Anonymous Author
Zero Trust practices Eliminate admins or supervisor-mode accounts as much as you can. Implement and review logs, implement tools to detect uncommon behaviors Make sure your backups are working fine (and recovery)  Implement info protection policies using active directory or other tools
0 upvotes
Anonymous Author
While we don’t use these, Security User Behavior Analytics (SUBA) & User Behavior Analytics (UEBA)  tools are gaining popularity. But….these can’t be used in a vacuum.  An effective insider threat program is a significant effort.
0 upvotes