What access controls do you place on engineers to prevent insider threat?

1.7k views · 1 Upvote · 4 Comments

CTO in Software, 11 - 50 employees
A #ZeroTrust foundation with proper logging/alerting combined with the tried and true approach of "least privileges". It's about having context around behaviors, not draconian controls.
Senior Director, Defense Programs in Software, 5,001 - 10,000 employees
Agree with on zero trust. Specifically for me, as soon as possible eliminate shared access accounts and in-application “god view” and support access without user notification/approval workflows.

Shifting security both left into development and right into operations means making processes to be performed safe, automated, and auditable.
CIO in Energy and Utilities, 11 - 50 employees
Zero Trust practices
Eliminate admins or supervisor-mode accounts as much as you can.

Implement and review logs, implement tools to detect uncommon behaviors
Make sure your backups are working fine (and recovery)
Implement info protection policies using Active Directory or other tools
Senior Information Security Manager in Software, 501 - 1,000 employees
While we don’t use these, Security User Behavior Analytics (SUBA) & User Behavior Analytics (UEBA) tools are gaining popularity.

But… these can’t be used in a vacuum. An effective insider threat program is a significant effort.
