In the spirit of keeping blog posts informative, short and fun, this one takes a cue from David Letterman in format. So without further fanfare or wasted space... the Top 10 Reasons to Implement Least Privilege for Public, Private and Hybrid Clouds are:
#10 - Andy the admin at won't be able to use their admin privileges to your instantiation of a public cloud for data theft.
#9 - Clara, your server admin can't instantiate a new server used for private cloud applications that will facilitate one business unit admin from poking in on the data from other business units' instantiation of a cloud app on the same server.
#8 - Sid in development won't be able to code in a back door for privileged access to your hybrid cloud architecture.
#7 - Harry, the industrious business unit admin won't be able to "tune" you your private cloud to what he read was "optimal" on Seth Grodin's latest blog.
#6 - Ted in Tech Support won't be able to change cloud file permissions without the proper policy-driven permissions just because it made his job easier today.
#5 - Barney, the new business unit manager won't be able to blame "mistaken identity" for missing his quarterly goal because he read that was something that happens when cloud security goes bad.
#4 - Sam, the CSO won't continue to lose sleep at night fretting over who can hijack admin privileges for any public, private or hybrid instantiation of their corporate infrastructure.
#3 - John, the CEO won't get called out in the press for a data breach after moving all data to what he thought was a secure, lower-cost private and hybrid cloud.
#2 - Vito, a member of the hacker's guild, won't be able to take advantage of the cloud streamlining the efficiency of identity theft.
#1 - Bill, the chairman of the board won't have to explain why he needs to spend $100,000,000 to fix a cloud data breach problem with the statement "at least it's not as much as Sony had to spend for it's breach."
