We have showed that the insider threat is significant in this blog for the last 2 years and have even pointed out recently that it made the Wall St Journal among other well respected publications. But, when President Obama aims to stop WikiLeaks-style disclosures, then least privilege has really come of age.
That’s correct, President Obama “Establishes Insider Threat Task Force” according to GovINfoSecurity.com. The article goes on to report “President Obama issued an executive order Friday [Oct 7, 2011] that establishes an Insider Threat Task Force to prevent potentially damaging and embarrassing exposure of government secrets, such those made public by WikiLeaks.” The article then goes on to say “The White House, in a statement accompanying the executive order, said its strategic importance is to ensure the government provides adequate protections to its classified information while at the same time sharing the information with all who reasonably need it to do their jobs.”
Thea article concludes with “In addition, the administration said it sought to ensure that policies, processes, technical security solutions, oversight and organizational cultures evolve to match its information sharing and safeguarding requirements. The administration, in developing the executive order, also said it sought to respect privacy and civil rights and emphasize that effective and consistent guidance and implementation must be coordinated across the entire government. “We are only as strong as our weakest link and this is a shared risk with shared responsibility,” the White House statement said.”
It’s about time the White House is catching up with ideas we have been educating the world on for years. Establishing a Least Privilege environment is the first step to achieving an IT environment whereby everyone can still be productive while being secure and the ability to intentionally, accidentally or indirectly misuse privilege is mitigated. Read about how you can implement this here.