A Need to Know Basis

In November 2019 two Twitter employees sent ripples through the cybersecurity community when they were charged with spying on behalf of the Saudi Arabian government. While Twitter is a multi-billion-dollar company, managers at small to medium sized businesses can learn a big lesson from this tech giant: “least privilege”. The concept is simple: every module (process, user or program) must only have access to the information and resources that are necessary for its legitimate purpose. When a company is hacked, one or more individuals with a strong understanding of computer science gain unauthorized access to a company’s systems. These individuals …