Monday, July 21, 2008

The Insider Threat

Much has been said recently about the Network Admin in San Francisco who shut down the city-wide wireless network last week. As I tend to focus more on IdM than security or privacy issues, I was not sure if I was going to discuss the event in my blog. That was, of course, until I read this interview.

It made me remember that the central part of any IT Infrastructure requires trust. I recall a posting by Dave Kearns some years ago where he spoke fairly eloquently about this. (At least I think it was. Dave, care to comment?) Anyway, the whole thought was that you have to be able to trust your Network Administrators.

Now for the obvious part. As President Reagan used to say, "Trust, but Verify." This means making sure there are no orphan or rogue accounts in the systems. GRC tools will be a must in this verification.

3 comments:

Dave Kearns said...

You're probably thinking of "Is your staff a threat to your organization's security?" which starts:

A couple of thousand years ago the Roman poet Juvenal asked "Quis custodiet ipsos custodes?" That is, who will watch the watchers? In over 20 years of consulting, hand-holding, troubleshooting and securing networks, one of the most frequently asked questions I hear from business leaders is "How do I keep sensitive data from the prying eyes of the network administrators?"

The answer has always been "trust."

Anonymous said...

Terry Childs did not shut down any network and the network in question was not wireless. Interestingly, the case appears to be one of him, the system administrator for the network, not trusting anyone in management within the same department with access to the FiberWAN routers...

Matt Pollicove said...

Anonymous, you make an interesting comment. The fact is there was a lack of oversight that any proper risk management plan should have accounted for, and the lack of governance in determining standards was poor as well. If you don't have the first two there's no way that there can be any kind of compliance checking. This was the thrust of the posting whatever Mr. Childs did.