Discussion 1

docx

School

University of the Cumberlands *

*We aren’t endorsed by this school

Course

535

Subject

Information Systems

Date

Feb 20, 2024

Type

docx

Pages

1

Uploaded by DoctorFly2464

Report
The security design principles are meant to build an ongoing security mindset to help organizations improve the security posture of their workload as the techniques of threat actors continuously evolve. These principles influence the security of their architecture, design choices, and operational processes. If these principles aren't applied properly, a negative impact on business operations and revenue can be expected. Some implications could result in regulatory workload fines as well as continuous security issues before they are recognized. There are various fundamental security design principles that are in practice which enables the system to achieve its objectives. The least privilege and fail-safe defaults are two of these essential security design principles (Leavitt, 2023). The principle of least privilege (POLP) gives users limited access rights based on the tasks necessary to fulfill their job. It is a key component of Zero Trust, which is a security framework requiring all users to be authenticated, authorized and continuously validated for security configuration and posture before being granted access to applications and data. POLP ensures that only authorized users whose identities have been validated are granted access to certain systems, applications, data, and other assets. Organizations can limit user access to their network, systems, and resources by applying the principle of least privilege. The employees are given access on a strictly need-to-know basis. This prevents threat actors from entering the organization's network and gaining unlimited access to the confidential data, hence boosting data security (Vaideeswaran, 2023). The fail-safe defaults principle works by providing resources to users only after they have been granted permission. This ensures that no unauthorized individual has access to the information unless granted permission. In contrast to least privilege, where specified users are granted access to data and resources for a limited time or until the tasks are completed. If the user fails to complete the task, the changes are undone and the system is returned to a stable and consistent state. An example of its implementation is the rollback of database transactions that fail. These security design principles ensure that the organization operates in a safe and secure manner without jeopardizing the system's integrity and confidentiality. These principles also help in keeping the information and resources in their original and true form when accessed (Mlakar, 2019). References - Leavitt, S. (2023). Security design principles. https://learn.microsoft.com/en-us/azure/well- architected/security/principles - Vaideeswaran, N. (2023). What is the Principle of Least Privilege (POLP)? https://www.crowdstrike.com/cybersecurity-101/principle-of-least-privilege-polp/ - Mlakar, J. (2019). InfoSec Design Principles – 8 Security Principles to Implement. https://www.mlakartechtalk.com/infosec-design-principles-8-security-principles-to-implement/
Discover more documents: Sign up today!
Unlock a world of knowledge! Explore tailored content for a richer learning experience. Here's what you'll get:
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

pos.docx
1-3 CYB 200 SNHU.docx
IT 202 Project Two SNHU.docx
5-2 Project IT 200.docx
IT 212 Module Three Milestone.docx
Module 6 - Project One DAD 220.docx
Discussion 3.docx
Certificate Assignment.docx
Virtual Lab Enviornment Introduction Questions.docx
Configuring VLANs and Trunking Lab 1 Submission Form.docx
Developing_and_Implementing_Stored_Procedures_Lab.docx
System_Functions_Lab.docx