Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Top 10 Reasons Good People Do Bad Things Without Least Privilege

March 23, 2011

  • Blog
  • Archive
In the spirit of keeping blog posts informative, short and fun, this one takes a cue from David Letterman in format. So without further fanfare or wasted space... the Top 10 Reasons Good People Do Bad Things Without Least Privilege are: #10 - Michelle, the CEO's Exec Admin leaves her current password list on a yellow sticky note taped to the bottom of her keyboard. #9 - Fred, the Rochester Linux admin "loaned" his root credentials to another admin because he was late for a dentist appointment and the server needed to be rebooted. #8 - Ted in Tech Support reset file and directory permissions on a mission critical Linux server to make his data migration project go smoother but in the process also gave access to sensitive data to the entire company. #7 - Sid in Development downloaded a couple of neat Apache applications and a few other unauthorized open source "tools" injecting malware into our corporate network. #6 - Fiona the Secretary completely cratered her PC configuration while trying to upgrade an application by accidentally "fat fingering" the wrong ip address causing her to lose two days of productivity while IT reimaged her machine. #5 - Bob the VP of Marketing now adds 220GB of personal data to the nightly backups as his entire iTunes library of 23,000 songs and 15 movies were put onto his corporate laptop. #4 - Alice in IT seems to bring down the entire network backbone every time she has a DNS misconfiguration error which seems to happen more often than not. #3 - Fred in IT installed a Trojan on the mission critical server, bringing it down for 4 hours and costing the company over $1M in lost transactions, because he was passed over for a big promotion. #2 - Sarah, the CIO "hides" all of the Linux root credentials (which are changed weekly) in a sealed envelope in the bottom draw of her desk and has to deal with a manual check in/check out process, but everyone know where she keeps the list. #1 - A member of the group known as "anonymous" overheard a systems admin bragging over a Palo Alto lunch how no one would ever figure out his password was "talkingninjamonkey2" after his favorite video game avatar.
Photograph of Scott Lang

Scott Lang, Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

Whitepapers

Mapping BeyondTrust Solutions to the Qatar National Information Assurance Policy v2.0

Whitepapers

KuppingerCole Executive Review - BeyondTrust Endpoint Privilege Management

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.