WikiLeaks and WikiWar and More Misuses of Privilege
So I can’t resist one more post on this WikiLeak phenomena that still seems to be blazing through the blogosphere and mainstream media. I’ve seen it described as everything from aWiki-War to Wiki-Gaga, and yet most writers are still forgoing that if you give someone permission to do something, they will inevitably do it. In this case, I am referring to the information technology (IT) privileges granted to individuals and associated technologies to monitor and control what these people are doing. Or the lack thereof.
In a previous blog titled WikiLeaks: The Disease or the Symptom, we discussed that by implementing a least privilege solution you are taking the first step towards better information technology management and a method of policing corporate governance. The root cause (excuse the pun) should ultimately be recognized as the misuse of privilege.
Implementing a privilege identity management solution can allow you to:
- Eliminate admin rights across servers, desktops, network devices, virtual and cloud environments to prevent anyone from having omnipotent access to those resources.
- Control levels of privilege for those resources to ensure the elimination of the misuse of privilege.
- Log all events and administrator activities so that in the event of a breach or a misuse of privilege, you can remediate that breach.
- As today’s t-shirt points out, you can focus on the variables that positively effect your business growth instead of being at war with your user community or wind up in the press.