Friday, October 29, 2010

Information Security

You probably know that your network administrators have full access to all your servers. But did you know they may also have full access to your workstation? Even while you’re sitting at your desk, your administrator may access any file on your workstation without your knowledge through “administrative shares.” Private or highly confidential corporate documents on your executives’ computers may be just as vulnerable.

2 comments:

Winston Faircloth said...

At Upic, we view this as more of an HR/personnel issue than a security issue.

Administrators intuitively know they have access to just about everything, but that doesn't give them the right to do so. Access to data does not constitute authorization to view data when it comes to system administrators. Otherwise HR, executives, and other staff would never be able to store anything sensitive or confidential electronically on corporate systems.

We require every person and organization with system administrative access to become trained on their responsibilities and what constitutes abuse as a system admin. They also have to sign a "privileged access agreement" which documents that they know and understand our definition of abuse of their access responsibilities.

With system access/admin rights comes a high level of personal responsibility to act/behave in a professional manner.

Real Bedard said...

Many larger organizations understand this and have strict policies. Too many organizations are just not aware. Policies are great but the reality is, people are people. Salary information, disciplinary letters, board meeting minutes, insider trading information, etc., may be all too inviting for some. Turning off administrative shares on some computers may be wise.

Personally, I think this is a security hole known by technology staff and hidden from most users. I think if everyone knew about this, Microsoft would be under a whole lot of pressure to close it.