On Tue, 16 Sep 2014, David Lang wrote:
Our work sure qualifies under the first point, and while large shops have checks in place, Snowden has shown that even the NSA can't prevent a rouge Sysadmin from doing series damage, and is no different than a large Engineering or Law firm that can attempt to put in similar checks, but can't possibly hope to prevent all problems.thoughts?
Most organizations put large obstacles between their sysadmins and a host of corporate activities, e.g., hiring full-time employees, purchasing or selling capital assets, entering into binding legal agreements.
Most organizations put obstacles between their sysadmins and a small subset of data, e.g., employees' self-encrypted files (password managers or SSH keys), some legal/personnel records.
Few organizations can do more than that without having a huge budget for both system administration and security. Personally, I wouldn't want to work for one of them.
-- Paul Heinlein [email protected] 45°38' N, 122°6' W
_______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
