Security Basics mailing list archives
Getting security back from the sys admin
From: "lowney" <lowney24 () hotmail com>
Date: Thu, 6 Dec 2007 15:14:59 -0500
Hello, Let me explain my current situation, I work for a large company who has a security team (which I am part of) and a team of sys admins. In the past, the security team did not have enough knowledge and will to keep all the security responsibility of this company. SO as usual, the sys admin got the load of another team(security) on there shoulders. Now my Director of security wants to recuperate all of this lost responsibility. And of course, the sys admin now are not agreeing in this transfer (I do understand that it's frustrating for them though, being an ex-sys admin myself). I would need some help getting an overall idea of what arguments I could use to fix this situation. I want to do this in a peacefully manner. We do not want to do this in an enraging way; we do want to preserve good relationship with them. Basically I want to write a document that would show that the security professional are to be responsible for security, and AT MINIMUM have read access (yes sadly we cant even connect to the servers.. nor can we connect to applications...(and if you ask what security we do I will answer we do none we manage usernames/password in AD and on the network share.. clerk work)). I hope your ids will help. Remember we have 0 privileged right now. I'm talking about Windows Box, GPO and so on. (Don't bother with linux I already have that covered) You would make an almost-elite h@x0r happy
Current thread:
- Laptop-threat model dimkovtrajce (Dec 06)
- Getting security back from the sys admin lowney (Dec 06)
- Message not available
- Re: Getting security back from the sys admin Franck Vervial (Dec 07)
- RE: Getting security back from the sys admin Rivest, Philippe (Dec 07)
- RE: Getting security back from the sys admin Nick Vaernhoej (Dec 07)
- Re: Getting security back from the sys admin Franck Vervial (Dec 07)