The concept of Separation of Duties (also known as Segregation of Duties) applies to many different industries. The principle was developed in accounting to avoid errors and fraud but it also applies to general business practices. Although it has its beginnings in the business world, Separation of Duties has become a powerful security principle in IT and information systems.
Edward Snowden exposed the United States government’s actions in spying on its citizens, corporations, and allies. Many of the techniques used by the NSA were successful because of weak cyber security practices. Snowden himself used a loophole in the government’s Segregation of Duties implementation to access the data without being identified (more on that later). In the post-Snowden era, internal information security has now become a priority for everyone. Read More →