Here's a good discussion on ServerFault:
http://serverfault.com/questions/171893/how-do-you-search-for-backdoors-from-the-previous-it-person/171924

Plus, Tom Limoncelli's two volumes on "The Practice of System and Network Administration" do quite a good job of covering this.

As you can imagine, a requisite part of this is an accurate inventory of all the accounts and authorizations that users have, both in-house and with vendors/hosters/cloud providers - including the bank, the local PF/FD, the security/alarm company, etc.

On Fri, Oct 3, 2014 at 3:13 PM, Esther Schindler <est...@bitranch.com> wrote:

> Howdy, folks. It's me again -- your random writer/journalist who
> occasionally asks for input in order to ensure her articles reflect the
> real world.
>
> In particular: *What should a company do to protect its information when
> an employee departs?* When someone leaves the company, the HR department
> is quick to grab the employee's laptop. But what about the data on the
> employee's equipment? How can the organization know what's on her mobile
> devices? Does anyone know to which websites and other cloud-based software
> the employee has access?
>
> I'm aiming to create a checklist for IT (working with HR) to ensure the
> company's data doesn't walk out the front door.
>
> For example, I still have access to a surprising number of websites and
> other company/client resources. For example, one client had given me access
> to Google Analytics in 2009. They closed down the project in 2010 (and I
> believe there's NOBODY left at the company who even remembers it existed).
> But I can see its web traffic today. I also had access to a major
> publication's blog comment system (e.g. "mark as spam") for three years,
> and the only reason it went away then is that they changed their commenting
> system. It's a good thing I'm ethical, or I could have had entirely too
> much fun doing naughty things.
>
> So… what advice would you give sysadmins about what to look for? Because
> while it might occur to IT to change a user's admin rights on Active
> Directory, it might not occur to them to check for all site access (if they
> even know, and I'm sure that in neither of my cases anyone did).
>
> I could quote you by name if you like, but I'm just as happy to share your
> wisdom without naming names. Here I only care about expertise… not who said
> it. So you don't have to worry about getting in trouble!
>
> Can you send me whatever input you have by, say, Tuesday October 7th?
>
> _______________________________________________
> Discuss mailing list
> Discuss@lists.lopsa.org
> https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
> This list provided by the League of Professional System Administrators
> http://lopsa.org/