Enterprise IT Watch Blog

Sep 15 2010   6:35AM GMT

It’s 10 PM. Where’s your network administrator?



Posted by: Kevin Beaver
Tags:
Kevin Beaver
Security

Microsoft’s sixth law of Immutable Laws of Security states that “a computer is only as secure as the administrator is trustworthy.” How does your administrator rank on the trust scale? Working with systems/network administrators in my security assessments – and having been one in the past – their level of access is typically unlimited. And no one seems to be watching.

I’m not saying you should micromanage your IT folks; that’ll only run them off. But don’t let your guard down either. There have been some highly-publicized cases of admins doing misdeeds or simply being sloppy with security when they shouldn’t have been. This is probably something you’re not ready to take on.

If you’re a business manager or internal auditor, never lose sight of the fact that the master key to everything electronic is in your administrator’s hands.  It seems obvious, but it’s something many take for granted, trusting that all’s well in IT-land just because the administrator says everything’s okay. That’s not always the case.

For further reading, I delve into this topic further in the following piece I wrote for SearchWinIT.com:

Are your IT administrators trustworthy?

Kevin Beaver is an independent information security consultant, expert witness, author, and professional speaker with Atlanta-based Principle Logic, LLC and a contributor to the IT Watch Blog. You can reach Kevin through his website at www.principlelogic.com and follow him on Twitter at @kevinbeaver.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: