Firewall Wizards mailing list archives

Re: What challenges are security admins facing?


From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 27 May 2003 11:05:47 -0400 (EDT)


        [SNIP]


If you're doing user-ids, think about automatically expiring ones which 
haven't been used for some period of time.


Many corps so overlook establishing and *enforcing* a strict policy in
this area, corps of all sizes.  But, I think the worst I've seen was in
those companies that tend to do a lot of acquisitions, especially when
those acquisitions tend to make them widely global in nature and
infrastructure.  It's hard in these newly acquired settings to get a
handle on who's now your employee and who was cut in the process, let
alone determining how well the previous management and staff dealt with
these things prior to their becoming new corporate assets.

I've performed audits for major vendors in the security realm that had
employees off the books for 4-5 years and they still had 'active' accounts
on servers and systems.  Sometimes those accounts remained due to
something being installed and run under that userid and still needed for
business to happen, and staff was too lazy to fix the issue properly.
Sometimes it was just the lack of a policy regarding the removal or
locking of just moved on employees; often the policy was there, but was
not strictly adhered to or enforced.  Electroshock therapy on the job
helped make this less an issue after the first or second audit pushed a lot
of 'extra' work on staff's backs to correct.  The more intense the shock,
the less likely the problem was to find its way into the third and
future audits...unless there's a new acquisition after therapy...

Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
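The stale-account check discussed in this message, as an added example rather than anything from the original post or the list: it flags accounts idle past a cutoff, but separates the ones that still own a running process (the "something installed and run under that userid" case) from those that can simply be locked. All account names, dates and the process-owner set are constructed sample data; the lock step is emitted as a command list for review, not executed.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the original message). Last interactive
# login per account, as lastlog/last would report it; None = never logged in.
NOW = datetime(2003, 5, 27)  # evaluation date, matching the message's timestamp
LAST_LOGIN = {
    "jsmith":     datetime(2003, 5, 26),   # logged in yesterday
    "mdoe":       datetime(2002, 11, 2),   # idle ~200 days, nothing running
    "acq_legacy": datetime(1999, 1, 15),   # inherited via acquisition
    "backupsvc":  None,                    # never logged in, owns nightly job
    "oldadm":     datetime(2002, 1, 10),   # left long ago, still owns a daemon
}
# Accounts that currently own a process or cron job (constructed; on a real
# host this would come from `ps -eo user=` and the crontab directory).
PROCESS_OWNERS = {"jsmith", "backupsvc", "oldadm"}


def classify_accounts(last_login, process_owners, now=NOW, max_idle_days=90):
    """Return {'active': [...], 'lock': [...], 'service_dependency': [...]}.

    'lock' holds idle or never-used accounts with nothing running under them.
    'service_dependency' holds idle accounts that still own a process; locking
    them blind breaks a business function, so they need a proper fix (migrate
    the job to a dedicated service account) instead of being quietly kept.
    """
    cutoff = now - timedelta(days=max_idle_days)
    result = {"active": [], "lock": [], "service_dependency": []}
    for user, seen in sorted(last_login.items()):
        if seen is not None and seen >= cutoff:
            result["active"].append(user)
        elif user in process_owners:
            result["service_dependency"].append(user)
        else:
            result["lock"].append(user)
    return result


def lock_commands(users):
    """Commands to run once the list has been reviewed: lock the password and
    expire the account, so key-based and other non-password logins stop too."""
    return [f"usermod -L {u} && chage -E 0 {u}" for u in users]


if __name__ == "__main__":
    report = classify_accounts(LAST_LOGIN, PROCESS_OWNERS)
    for bucket, users in report.items():
        print(f"{bucket:19s} {', '.join(users) or '-'}")
    print("\n".join(lock_commands(report["lock"])))
```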

