Ah, the principle of least privilege. Such a basic idea, but very powerful nonetheless. The idea is pretty simple (well… it’s self-explanatory just from reading the principle): only give employees the minimal privileges needed to complete their jobs. This can save so much in terms of damage, both financially and, probably more importantly, in reputation. It’s amazing to still see how many people underestimate the internal threats to businesses, but it will continue to happen if principles like this one are not implemented properly.
My previous column on the questionable long-term effects of least privilege created a firestorm of controversy and discussion. Personally, I think controversy is good if it gives people on both sides of the argument a chance to reconsider their previous conclusions. If the argument changes your mind, then maybe your original conclusions needed more consideration. And if it strengthens your support, one way or the other, then at least you had an opportunity to reexamine your beliefs and provide yourself even stronger arguments.
What I wasn’t prepared for was how many people thought I hated Microsoft’s User Account Control (UAC), or thought I disagreed with the concept of least privilege. Both these arguments couldn’t be further from the truth. There are lots of reasons to use least privilege mechanisms, UAC or otherwise. Off the top of my head, here are four:[more]