Home page logo

basics logo Security Basics mailing list archives

RE: RE: Securing workstations from IT guys
From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 27 Nov 2007 13:51:35 -0800

  I quite agree.

  And in my experience, when steps are taken to keep "IT guys"
from accessing specific systems, the eventual result is that
*EVERYONE* (including on the Internet) has access to those
systems *except* the people whose job it is to protect them.

  That users do not regard this as a problem is a critical 
issue at layer 9 or 10 (layer 8 is Money; 9 and 10 are
Politics and Religion) and does not admit of a technological

David Gillett

-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of 
kurt.kessler () umb com
Sent: Tuesday, November 27, 2007 7:29 AM
To: security-basics () securityfocus com
Subject: Re: RE: Securing workstations from IT guys

"This being said, to effectively do their jobs the IT staff 
needs to have access to everything. You have personnel 
problems if you cannot keep your IT staff from snooping where 
they should not.."

The IT staff should have the absolute minimum amount of 
rights that they need to do their job. Any more, is *ASKING* 
for this kind of problem. 
There should be several groups, where users are placed based 
on rights needed to perform their particular job. 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]