Q6A 200-250 words max
Research one instance of a security breach that occurred for each of the best practices of access control (separation of duties, job rotation, least privilege, and implicit deny). Write a short summary of the breach. Rank the four best practices from most effective to the least. Why did you rank them this way?
Reply to Responses: 100 words for each response max
Justin
Separation of duties
-In 2016 The Alberta Motor Association ( AMA) after its President of Information Technology defrauded the company of 8.2 million dollars over a 3 year period. Being the only employee with access to approve payment for good he created false invoices.
Job Rotation-The Equifax data leak was caused by an IT employee who failed to update critical updates to the company software. The security team failed to install a security update that was recommended to stop intruders.Least Privilege- The Target hack is an example of this. A Third-party HVAC company had administrative access to Target store’s internal network. They were given these privileges so that they could monitor the HVAC system performance. The attackers installed Malware onto the HVAC company’s devices and they were able to harvest credentials to the target network that gave them internal access.
Implicit Deny-In 2018 Veem was compromised when one of their IP addresses resolved to an unprotected database. It was all because there was no password protecting the database.
The ranking I choose from most effective to least is based on the level of importance each has and the effectiveness of each.
Hayden
Separation of duties – Fraudulent application process could result in a breach of security. there was a instance in a company where all the confidential information of company network was taken care by single person. He had give total control over security configuration. The individual had an argument with management and manipulated the data causing trouble for the company. Thus it is important to separate work assignments.
Job rotation
– When users become accustomed to their jobs and the security configurations around their jobs they will try to find ways to exploit these. An example would be a breach that occurs due to the employee using an insecure exploit and accidentally leaking information. To prevent this it is important to have employees rotate job functions so they do not try to exploit the systems.
Least privilege
– Least privilege deals with employees having access to systems or files they do not need. An example of a breach of this would be if a user who had full access to all systems was hacked, for now the attacker has access to the entire systems instead of just what the user needed.
Implicit deny
– Implicit deny works on firewalls to deny access to any address that was not specifically granted access. This can cause a headache to employees if the site they want to access was not granted access. An example of a breach with this would be if implicit deny was not set up and any address was able to access the network.
Ranking:
Least privilege
Implicit deny
Separation of duties
Job rotation
I ranked them this way due to the level of security they grant. Least privilege is a standard and helps if the company does face a breach. Implicit deny grants more security. Separation of duties grants some security but mostly protects against interal threats. Job rotation again helps against internal threats but also would be the most difficult to get working.
REPLY