Separate Repositories for a Job Execution Framework, Job Images, and Job Configurations
~~
ACM.434 Also building docker containers with files from different directories or contexts and problems with buildx on Amazon Linux
~~
#separationofduties #security

https://medium.com/cloud-security/separate-repositories-for-a-job-execution-framework-job-images-and-job-configurations-77913e1c968d

“The union also has clashed with Spirit over whether machinists should ever be responsible for checking their own work. Workers say having separate inspectors sign off on individual work is critical for quality control; Spirit and Boeing executives say that technological advances have reduced the need for separate inspectors…”
#SeparationOfDuties #QualityControl #Boeing #SpiritAeroSystems
https://apple.news/AiAqc6yMkR5uQ5M9rsaOovA
‘This Has Been Going on for Years.’ Inside Boeing’s Manufacturing Mess. — The Wall Street Journal

Outsourcing worried engineers and sparked battles over quality before a door plug blew out on an Alaska Airlines plane midflight

Adding Environments to An AWS Infrastructure Naming Convention
~~
ACM.411 Adding permissions and aligning with naming convention changes to include the environment
~~
#AWS #Environment #SeparationofDuties #TrustBoundaries #Policies #Organizations

https://medium.com/cloud-security/updates-to-root-templates-and-commands-52510ae2f0f4

@BenAveling that's not a hot take. It's #LeastPrivilege and #SeparationOfDuties. It's temporary #StepUpAuthentication and timeouts.
A particular user should only be able to do what they need to do for a particular job function, but only when they need to do it, and only for as long as it takes to do the thing.

Delegated Administrator for AWS Organizations: ACM.139 Delegating governance via service control policies to an AWS Governance account
~~~~~~~~
by Teri Radichel | Jan 24, 2023
#cloudsecurity #governance #iam #aws #separationofduties #rootoftrust

https://medium.com/cloud-security/delegated-administrator-for-aws-organizations-8b58c021e8e1

As I mentioned in the last post, I’d like the governance team to operate out of a governance account and I want to limit activities in the root account. I created a separate account in the last post…

Would You Accept an Inconvenience To Prevent a Data Breach?

Addressing the rise in credential and session compromise
~~~~~~
by Teri Radichel | Jan, 2023
#cloudsecurity #iam #mfa #separationofduties #securityarchitecture #circleci #oktapus

https://medium.com/cloud-security/would-you-accept-an-inconvenience-to-prevent-a-data-breach-f0df9de628e9

In my last post, I wrote about AWS Service Control Policies that can be leveraged to create organization-wide policies. These types of policies, when leveraged properly, can reduce the chance of…

AWS SSO (IAM Identity Center) for Separation of Duties: ACM.126 Creating a permission set for DNS Administrators in AWS SSO
~~~~~~~~~~~~
by Teri Radichel | Jan 8, 2023
#aws #identitycenter #sso #separationofduties #cybersecurity

https://medium.com/cloud-security/aws-sso-iam-identity-center-for-separation-of-duties-f9e6627fc5a3

In my last post I explained how you can have better governance and control the risks associated with DNS configuration changes by segregating your domain names out to a separate account and only…
