Practical Information Security Management by Tony Campbell
Author:Tony Campbell
Language: eng
Format: epub
Publisher: Apress, Berkeley, CA
Edward Snowden
Edward Snowden was employed by the National Security Agency (NSA) as a computer systems consultant, with administrator-level privileges to the NSA’s internal network. For whatever reason, and there is much speculation as to whether his story told publicly is the truth or was he simply an unknowing victim of espionage, he used the privileges he had to copy a massive number of highly sensitive, national security documents from their network and released it to the media, claiming it was in the public interest to see what the US government was up to. Snowden had the highest level of clearance and, as such, was trusted by the NSA to run their systems. He proved through this deception and leaking of TOP SECRET information that he was not trustworthy, irrespective of whether his motivations were altruistic or criminal.
Would delegation of administration have stopped this? Potentially it might have helped. If he had of had less rights to NSA systems, then he may not have been able to get the documents off their network. This would have slowed him down considerably as he would have needed to copy the documents off the screen, print them (which may be have been flagged) or somehow photograph them using a smartphone, which again may have been noticed. If he was designing systems, he didn’t need production passwords. If he was administering production systems, he didn’t need domain administrator rights for all his work—he could have been better controlled.
Finally, if all of this was entirely impossible to stop as he needed those rights for his work, then every time an administrator uses a “privilege function” should raise an alert to the security operations team, who should seek a change request or some kind of rationale why the work was being done. As it turned out, none of these controls were in place. Edward Snowden became disenfranchised with the US government for one reason or another and misused his position of trust to leak millions of documents. As a result, he seriously undermined the United States’ national security capability and reputation and could well have jeopardized military and intelligence operations, putting countless lives at risk. Using delegation of administration coupled with comprehensive auditing and alerting, this could have been prevented.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Linux Device Driver Development Cookbook by Rodolfo Giometti(3935)
Embedded Programming with Modern C++ Cookbook by Igor Viarheichyk(3630)
Implementing Cellular IoT Solutions for Digital Transformation by Dennis McCain(3567)
Embedded Linux Development Using Yocto Project - Third Edition by Otavio Salvador & Daiane Angolini(3403)
TinyML Cookbook by Gian Marco Iodice(3335)
Simplifying 3D Printing with OpenSCAD by Colin Dow(2843)
TinyML Cookbook by Gian Marco Iodice & Ronan Naughton(2604)
Fusion 360 for Makers by Lydia Sloan Cline(2222)
Networking A Beginner's Guide by Bruce Hallberg(2210)
Hands-On Linux for Architects by Denis Salamanca(2053)
But How Do It Know? by J. Clark Scott(2032)
Computers For Seniors For Dummies by Nancy C. Muir(2003)
Raspberry Pi and MQTT Essentials by Dhairya Parikh(1953)
Arduino Project Handbook, Volume 2: 25 Simple Electronics Projects for Beginners by Geddes Mark(1951)
9781803246888-ENHANCING DEEP LEARNING WITH BAYESIAN INFERENCE by Unknown(1902)
Hack and HHVM by Owen Yamauchi(1884)
31 Days Before Your CompTIA A+ Exams (Shanette Luellen's Library) by Benjamin Patrick Conry(1863)
MicroPython Projects by Jacob Beningo(1740)
Hands-On Internet of Things with MQTT by Tim Pulver(1710)
