
Stopping employees from accessing anything and everything in production impacts productivity, and engineers often do not want to work in that kind of environment.


It's also not possible; by definition, someone needs some access. Compromise enough of those people and there's no way around it.


Exactly. Only thing you can do is make a drill where you assume everything is hacked and audit access daily, weekly and monthly.


Implementing a zero-trust architecture with a trust-score system for users and a dynamic policy for accessing resources can help to limit potential damage in the event of a security incident. But I agree that the balance between protecting against attacks and maintaining productivity can be delicate.



