Separation of Duties
Learn the importance of dividing duties among an organization’s employees.
Overview
Separation of duties is similar to least privilege, except that it focuses on distributing permissions among more than one person.
The insider threat
To protect against the insider threat, permissions should be designed so that no individual has access to everything. Excessive privileges can give individuals the opportunity to commit end-to-end fraud. We prevent this by creating logical barriers between systems and functionality in the form of a secure permissions design.
Example of an insurance company
Let’s look at a hypothetical insurance company’s IT systems. To reduce the chance of fraud being committed by an employee, separation of duties should be used to prevent the same person from being able to create a new insurance policy and then file a claim against that policy. Being able to do both of these things would give an employee the ability to commit insurance fraud.
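The insurance example above can be enforced in a permissions design at two points: when roles are assigned, and when a claim is filed against a specific policy. The following sketch is an added example, not code from the original lesson; the role names, permission strings and class names are hypothetical.

```python
# Added example: roles, permission strings and class names are hypothetical.
ROLE_PERMS = {
    "underwriter": {"policy:create"},
    "claims_agent": {"claim:file"},
    "auditor": {"policy:read", "claim:read"},
}
# Permission pairs that one person must never hold at the same time.
CONFLICTS = [frozenset({"policy:create", "claim:file"})]


class SoDViolation(Exception):
    """Raised when an action would break separation of duties."""


class InsuranceSystem:
    def __init__(self):
        self.user_roles = {}      # user -> set of role names
        self.policy_creator = {}  # policy id -> user who created it

    def _perms(self, roles):
        return set().union(*(ROLE_PERMS[r] for r in roles))

    def assign_role(self, user, role):
        # Static check: refuse a role that completes a conflicting pair.
        proposed = self.user_roles.get(user, set()) | {role}
        perms = self._perms(proposed)
        for pair in CONFLICTS:
            if pair <= perms:
                raise SoDViolation(f"{user} would hold {sorted(pair)}")
        self.user_roles[user] = proposed

    def revoke_role(self, user, role):
        self.user_roles.get(user, set()).discard(role)

    def _require(self, user, perm):
        if perm not in self._perms(self.user_roles.get(user, set())):
            raise PermissionError(f"{user} lacks {perm}")

    def create_policy(self, user, policy_id):
        self._require(user, "policy:create")
        self.policy_creator[policy_id] = user

    def file_claim(self, user, policy_id):
        self._require(user, "claim:file")
        # Object-level check: the policy's creator may never claim on it,
        # even after moving from underwriting to claims.
        if self.policy_creator[policy_id] == user:
            raise SoDViolation(f"{user} created {policy_id}")
        return f"claim on {policy_id} filed by {user}"
```

The role-assignment check alone is not enough: an employee who changes departments holds the two permissions at different times, so the claim path also compares the filer against the recorded policy creator.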