Abstract

ABSTRACT A common target of cyberattacks today is the vulnerable endpoint device, which can be exploited by hackers to gain access into an organization. This paper presents a theoretical framework for addressing endpoint security by leveraging the principle of least privilege across the overlapping domains of people, process, and technology in organizations. The framework emphasizes nine key elements to endpoint security with associated policy statements designed to promote an organizational culture favorable to least privilege thinking. Leveraging an action design research methodology, we integrated the proposed managerial tool in an organization and incorporated feedback from industry professionals to evaluate it and to generate ideas for the development of a commercial endpoint security application. As a contribution, this framework is one of the first scholarly efforts to apply the principle of least privilege to endpoint security which can be valuable to cybersecurity consultants and academics.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Specifying and enforcing the principle of least privilege in role‐based access control
Xiaopu Ma ... Ruixuan Li
Concurrency and Computation: Practice and Experience | VOL. 23
Xiaopu Ma, et. al.Xiaopu Ma ... Ruixuan Li
29 Mar 2011
Architecting a secure internet
Saikat Guha ... Paul Francis
-
Saikat Guha, et. al.Saikat Guha ... Paul Francis
23 Oct 2005
Enforcing the Principle of Least Privilege with a State-Based Privilege Control Model
Bin Liang ... Wenchang Shi
-
Bin Liang, et. al.Bin Liang ... Wenchang Shi
01 Jan 2004
Towards an Architecture for End-to-End-Encrypted File Synchronization Systems
Christian Hoffmann ... Steffen Heinzl
-
Christian Hoffmann, et. al.Christian Hoffmann ... Steffen Heinzl
01 Jun 2015
View more papers

More From: Journal of Computer Information Systems

Paper Title
Journal
Date
Author
AI Orientation, Capabilities, and Business Value: Case Study
Maggie C M Lee ... Eric W T Ngai
Journal of Computer Information Systems | VOL. ahead-of-print
Maggie C M Lee, et. al.Maggie C M Lee ... Eric W T Ngai
16 Nov 2024
Digital Transformation (DT) and Artificial Intelligence (AI) Convergence in Organizations
Karim Feroz ... Myungjae Kwak
Journal of Computer Information Systems | VOL. ahead-of-print
Karim Feroz, et. al.Karim Feroz ... Myungjae Kwak
10 Nov 2024
Data and IT Systems Security in Contemporary Organizations
Celina Sołek-Borowska ... Jacek Woźniak
Journal of Computer Information Systems | VOL. ahead-of-print
Celina Sołek-Borowska, et. al.Celina Sołek-Borowska ... Jacek Woźniak
09 Nov 2024
The Tipping Points of Video Conferencing Solutions
Se Jun Byun ... Jae Young Choi
Journal of Computer Information Systems | VOL. ahead-of-print
Se Jun Byun, et. al.Se Jun Byun ... Jae Young Choi
31 Oct 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.