- Paperback: 220 pages
- Publisher: Apress; 1st ed. edition (October 12, 2011)
- Language: English
- ISBN-10: 1430239212
- ISBN-13: 978-1430239215
- Product Dimensions: 6 x 0.5 x 9 inches
- Shipping Weight: 12 ounces (View shipping rates and policies)
- Average Customer Review: 1 customer review
- Amazon Best Sellers Rank: #3,947,677 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Preventing Good People From Doing Bad Things: Implementing Least Privilege 1st ed. Edition
Use the Amazon App to scan ISBNs and compare prices.
Fulfillment by Amazon (FBA) is a service we offer sellers that lets them store their products in Amazon's fulfillment centers, and we directly pack, ship, and provide customer service for these products. Something we hope you'll especially enjoy: FBA items qualify for FREE Shipping and Amazon Prime.
If you're a seller, Fulfillment by Amazon can help you increase your sales. We invite you to learn more about Fulfillment by Amazon .
See the Best Books of 2018 So Far
Looking for something great to read? Browse our editors' picks for the best books of the year so far in fiction, nonfiction, mysteries, children's books, and much more.
About the Author
Brian Anderson brings more than 25 years of global enterprise software and security industry experience to BeyondTrust, where he will be responsible for all aspects of corporate brand development, lead and demand generation to increase awareness and interest in all customer and investor segments. In addition, he will be responsible for building a VAR channel to expand distribution for BeyondTrust products globally. Prior to BeyondTrust, Anderson served as a serially successful chief marketing officer for several venture-funded companies. At Siderean Software, his branding efforts garnered rave reviews and numerous awards, including innovator status in the Gartner Magic Quadrant. At Avamar Technologies, his leadership resulted in a huge revenue increase and numerous awards. Avamar was subsequently acquired by EMC. Prior to Avamar, Anderson was director of marketing at IBM s Tivoli Security and Storage, a role he inherited after successful building industry leader Access360 s brand and sales pipeline through successful positioning for a sale to IBM. Anderson also served as chief marketing officer of HNC Software, which experienced tremendous growth during his tenure and was successfully acquired by Fair Isaac in 2002. Anderson served for seven years prior to HNC at FileNet Corporation, culminating in his role as vice president of worldwide corporate marketing. At FileNet, Anderson built a tremendous global channel organization that ultimately represented almost 50 percent of the company s revenue. He received his bachelor of science degree in computer science from the University of New Orleans.
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
Specifically, least privilege is the notion that in a particular abstraction layer of a computing environment, every module (such as a process, a user or a program depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.
Much has been written about the topic, but not about what to do to implement it. In Preventing Good People From Doing Bad Things: Implementing Least Privilege, the authors note that many companies have spent huge amounts of money on information security hardware and software, but don't make allowances to deal with what is often the weakest link in the organization, end-users.
In 11 easy to read chapters containing fewer than 200 pages, the book provides a good high-level overview of the concepts of least privilege. The book does not get into the details of access control on various operating systems, as that would triple the books length. Rather it details what happens when user rights are not adequately limited, and gives stories of the effects of unlimited administrator level rights.
While for the most operating system agnostic, the book does provide ways in which to living Active Directory rights in chapter 4, and touches similar concepts in Unix and Linux, as well as virtualization in chapter 6.
The title of chapter 2 pretty much sums up the entire book and concept - Misuse of privilege is the new corporate landmine. The authors quote Mark Diodati of Gartner that "organization continues to struggle with excess user privileges as it remains the primary attack point for data breaches and unauthorized transactions".
Another crucial topic us databases, discussed in chapter 8. Far too many DBA's have unfettered and unmonitored access across terabytes of data that can often lead to serious breaches.
The book concludes with some good ideas on how to break bad habits within IT. These pragmatic suggestions include (obvious) suggestions such as: stop allowing employees access to rook, not letting desktop users run as administrator, that hat just because a firm is using access control, that they are immune to data breaches, and more.
For those looking to get a handle on the topic, they will find Preventing Good People From Doing Bad Things: Implementing Least Privilege an excellent resource.