Educause Security Discussion mailing list archives

Re: Login/Logoff Activity


From: Eric Case <eric () ERICCASE COM>
Date: Wed, 24 Apr 2013 22:15:57 -0700

Hi Will,

 

Is management willing to "live by the sword and die by the sword" (hire more
staff if the logs show the staff is overworked)?  How will management deal
with the logs being easily gamed (not logging out)?  What about unintended
consequences (your honor, I was logged in at work at the time of the hit and
run)?  What does your general counsel think of the idea?  What if someone
doesn't log in but checks email via the web or phone?

 

I believe IT should be an enabler for employees to do more and that includes
allowing people to work from home without getting their coworkers sick.  Do
you have a pandemic plan?  Can an employee take a sick day because of a sick
child but get some work done from home? 

 

What if someone takes a sick day, never logs in, and goes shopping /
sightseeing with an out of town friend / relative?  What if someone doesn't
take a sick day but schedules meetings off site and goes shopping /
sightseeing with an out of town friend / relative?

 

I don't believe IT should be an enabler for employees or management to not
do their jobs and what the IA wants can be achieved via forensics on the
"home" pc, credit cards, etc.  If management is really doing their job,
login/logoff activity will be a non-issue.

-Eric

 

 

IT professionals will never ask for your password - not in email - not over
the phone, never.

 

Eric Case, CISSP

ecase (at) email (dot) arizona (dot) edu 

College of Architecture, Planning, and Landscape Architecture 

http://www.linkedin.com/in/ericcase

 

 


 

Eric Case, CISSP

eric (at) ericcase (dot) com

http://www.linkedin.com/in/ericcase

(520) 344-CISO (2476)

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Will Froning
Sent: Wednesday, April 24, 2013 8:24 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Login/Logoff Activity

 

Hello All,

On Thu, Apr 25, 2013 at 3:27 AM, Harry Hoffman <hhoffman () ip-solutions net> wrote:

Nah, this just means that Joe has outsourced his job for a quarter of
his pay and browses reddit and 4chan all day long ;-)

Cheers,
Harry


On 04/24/2013 06:24 PM, Valdis.Kletnieks () vt edu wrote:
On Wed, 24 Apr 2013 15:01:36 -0400, Walter Moore said:


On the other hand, a login from Zanzibar is even *more* suspect if Joe
is sitting in his office. :)


 

This is a request from the internal auditor to see if it is common practice
to monitor this in academia (starting to look heavily like NO). 

 

As others on the list have mentioned, this is really a management issue at
its core. The rebuttal for that comment was something like: "If technology
can help us to identify a management weakness, we can make corrective policy
driven actions to fix the weakness. IT isn't there to fix the problem, but
to provide visibility into whether or not there is a problem to correct."

 

So excluding the potential privacy concerns (which wouldn't really apply in
the corporate world), in their mind it's just using IT as a tool for
efficiency.

 

Not defending, just relaying.

 

Thanks,

Will


 

-- 
Will Froning
Unix SysAdmin
Will.Froning () GMail com
MSN: wfroning () angui sh
YIM: will_froning
AIM: willfroning 

