Top 10 Reasons To Implement Least Privilege For Your Clouds
In the spirit of keeping blog posts informative, short and fun, this one takes a cue from David Letterman in format. So without further fanfare or wasted space… the Top 10 Reasons to Implement Least Privilege for Public, Private and Hybrid Clouds are:
#10 – Andy the admin at
#9 – Clara, your server admin can’t instantiate a new server used for private cloud applications that will facilitate one business unit admin from poking in on the data from other business units’ instantiation of a cloud app on the same server.
#8 – Sid in development won’t be able to code in a back door for privileged access to your hybrid cloud architecture.
#7 – Harry, the industrious business unit admin won’t be able to “tune” you your private cloud to what he read was “optimal” on Seth Grodin’s latest blog.
#6 – Ted in Tech Support won’t be able to change cloud file permissions without the proper policy-driven permissions just because it made his job easier today.
#5 – Barney, the new business unit manager won’t be able to blame “mistaken identity” for missing his quarterly goal because he read that was something that happens when cloud security goes bad.
#4 – Sam, the CSO won’t continue to lose sleep at night fretting over who can hijack admin privileges for any public, private or hybrid instantiation of their corporate infrastructure.
#3 – John, the CEO won’t get called out in the press for a data breach after moving all data to what he thought was a secure, lower-cost private and hybrid cloud.
#2 – Vito, a member of the hacker’s guild, won’t be able to take advantage of the cloud streamlining the efficiency of identity theft.
#1 – Bill, the chairman of the board won’t have to explain why he needs to spend $100,000,000 to fix a cloud data breach problem with the statement “at least it’s not as much as Sony had to spend for it’s breach.”