The Capital One incident exposed data on 106 million credit card customers and applicants was exposed. The most effective way to mitigate this type of identity abuse is by enforcing the principle of least privilege. The author’s company is one among many that use a least-privilege access approach to cloud security services. AWS IAM is a powerful tool that allows administrators to securely configure more than 2,500 permissions (and counting) to achieve fine-grained control over which actions can be performed on a given resource.”]
Source: https://www.darkreading.com/cloud/7-steps-to-avoid-the-top-cloud-access-risks