|
|
|
|
|
|
by abramN
2764 days ago
|
|
|
a lot of it comes down to a strong and well-supported Information Security Officer and team, with detailed policies and procedures and a least-privileges-required security model. Someone shares credentials? Fired. The CEO or another exec wants an exception to the P&P so their buddy can get access? Well they'll get reamed by the ISO and possibly written up. No exceptions, and a paranoia about breaches is what helps to prevent such breaches from happening. Note I say "help," because there are no measures that are 100%. It's defense in depth and defense in breadth that will keep you off the front page (at least this year). |
|
|