0

An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing.(www.computerweekly.com)

posted
by
Avatar
Aboel3z@programming.dev
in
Avatar
programming@programming.dev
3 comments
hidereport
Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments
Avatar
Carighan Maconar@lemmy.world
0 points

Yeah my ex makes a lot of money basically sitting down with companies and over years (because it’s such an arduous process to get managers to understand the importantance of) make them slowly, ever so slowly, do proper access or even identity management.

permalink
report
reply
Avatar
Laser@feddit.de
0 points

For all the criticism it gets, this is something that Common Criteria at EAL 3 and higher covers, and if your company can’t ensure secure development of a product, the product doesn’t get certified. At least my scheme is always very strict with life cycle aspects, and if you’re not getting a certificate for a market it’s required in, that’s money lost, and a huge motivator for management to implement changes.

permalink
report
parent
reply

Programming

!programming@programming.dev

Create post

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person’s post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you’re posting long videos try to add in some form of tldr for those who don’t want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

Community stats

  • 3.5K

    Monthly active users

  • 756

    Posts

  • 5.9K

    Comments

Community moderators