Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Re: Removing FIred admins

From: Steve Wray <steve.wray () paradise net nz>
Date: Sat, 14 Feb 2004 09:27:30 +1300
From: Michal Zalewski [mailto:lcamtuf () ghettot org] 

On Fri, 13 Feb 2004, Steve Wray wrote:


Actually, isn't that what DRM is all about?


No, not in the real world.


Sorry that was actually a bit of a facetious joke; 
DRM (Digital Restrictions Management)could,effectively, 
make DRM compliant PCs such that there are programs
that they cannot run, hence they would not be Turing complete.

I didn't mean that DRM would help in firing sysadmins.

The rest of it is good advice though.
Carrots work better than sticks (except that some 'donkeys'
apparently like pain. Ahem).


Here's a good hint: hire reasonable people, treat them well. 
To help them
help you, establish access policies, keep admins accountable, 
and track
access rights. Require more than one person to carry out 
certain critical
actions.

Keep in mind that accounting and cleanup procedures are the 
last line of
defense. When employees turn against you, you can clean it all up, but
they still are an enemy you rather would not have.




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: