ITM is an open framework - Submit your contributions now.

Means

Ability to Modify Cloud Resources

Access

Aiding and Abetting

Asset Control

Bluetooth

Bring Your Own Device (BYOD)

Clipboard

FTP Servers

Installed Software

Media Capture

Network Attached Storage

Physical Disk Access

Placement

Printing

External Printing

Privileged Access

Removable Media

Screenshots

Sensitivity Label Leakage

SMB File Sharing

SSH Servers

System Startup Firmware Access

Target Disk Mode Access

Unrestricted Software Installation

Unrevoked Access

Web Access

ID: ME026
Created: 29th April 2025
Updated: 29th April 2025
Contributor: The ITM Team

Ability to Modify Cloud Resources

A subject is able to create, modify, or delete cloud resources within an organization.

Prevention

ID	Name	Description
PV023	Access Reviews	Routine reviews of user accounts and their associated privileges and permissions should be conducted to identify overly-permissive accounts, or accounts that are no longer required to be active.
PV048	Privileged Access Management (PAM)	Privileged Access Management (PAM) is a critical security practice designed to control and monitor access to sensitive systems and data. By managing and securing accounts with elevated privileges, PAM helps reduce the risk of insider threats and unauthorized access to critical infrastructure. Key Prevention Measures: Least Privilege Access: PAM enforces the principle of least privilege by ensuring users only have access to the systems and data necessary for their role, limiting opportunities for misuse. Just-in-Time (JIT) Access: PAM solutions provide temporary, on-demand access to privileged accounts, ensuring users can only access sensitive environments for a defined period, minimizing exposure. Centralized Credential Management: PAM centralizes the management of privileged accounts and credentials, automatically rotating passwords and securely storing sensitive information to prevent unauthorized access. Monitoring and Auditing: PAM solutions continuously monitor and log privileged user activities, providing a detailed audit trail for detecting suspicious behavior and ensuring accountability. Approval Workflows: PAM incorporates approval processes for accessing privileged accounts, ensuring that elevated access is granted only when justified and authorized by relevant stakeholders. Benefits: PAM enhances security by reducing the attack surface, improving compliance with regulatory standards, and enabling greater control over privileged access. It provides robust protection for critical systems by limiting unnecessary exposure to high-level access, facilitating auditing and accountability, and minimizing opportunities for both insider and external threats.
PV002	Restrict Access to Administrative Privileges	The Principle of Least Privilege should be enforced, and period reviews of permissions conducted to ensure that accounts have the minimum level of access required to complete duties as per their role.