mailing list archives
Re: Getting security back from the sys admin
From: jfvanmeter () comcast net
Date: Thu, 06 Dec 2007 21:08:58 +0000
there needs to be a seperation of duties, they can't correct security issues and run the systems too... thats kind of
like letting the fox guard the hen house.
Just my two shiny centovos--John
-------------- Original message ----------------------
From: "lowney" <lowney24 () hotmail com>
Let me explain my current situation,
I work for a large company who has a security team (which I am part of) and
a team of sys admins. In the past, the security team did not have enough
knowledge and will to keep all the security responsibility of this company.
SO as usual, the sys admin got the load of another team(security) on there
shoulders. Now my Director of security wants to recuperate all of this lost
responsibility. And of course, the sys admin now are not agreeing in this
transfer (I do understand that it's frustrating for them though, being an
ex-sys admin myself).
I would need some help getting an overall idea of what arguments I
could use to fix this situation. I want to do this in a peacefully manner.
We do not want to do this in an enraging way; we do want to preserve good
relationship with them.
Basically I want to write a document that would show that the security
professional are to be responsible for security, and AT MINIMUM have read
access (yes sadly we cant even connect to the servers.. nor can we connect
to applications...(and if you ask what security we do I will answer we do
none we manage usernames/password in AD and on the network share.. clerk
I hope your ids will help. Remember we have 0 privileged right now. I'm
talking about Windows Box, GPO and so on. (Don't bother with linux I already
have that covered)
You would make an almost-elite h () x0r happy
- Re: Getting security back from the sys admin jfvanmeter (Dec 06)