A lot of the recent leaks have been by system administrators. They have to have access to a bunch of stuff they really shouldn't, so they can help people get back in the system who do need the info inside. Ryan Macbeth had a good video on it.
A lot of the recent leaks have been by system administrators. They have to have access to a bunch of stuff they really shouldn't, so they can help people get back in the system who do need the info inside. Ryan Macbeth had a good video on it.
We need to implement "Two person controls" on a number of areas, one of which is obviously the password master file. The insider threat SA will still be able to talk some number of users out of their passwords though.
Better active audit log tracking might be a good job for AI.
Exactly. DoD is doubling down on limiting access to those who 'use' a system or information while doing nothing about the problem - the system administrators. We've had some gems too. One of the current crop is a nightmare; he can't figure out how to lock a safe. Manure will be hitting the fan in the future.
A lot of the recent leaks have been by system administrators. They have to have access to a bunch of stuff they really shouldn't, so they can help people get back in the system who do need the info inside. Ryan Macbeth had a good video on it.
We need to implement "Two person controls" on a number of areas, one of which is obviously the password master file. The insider threat SA will still be able to talk some number of users out of their passwords though.
Better active audit log tracking might be a good job for AI.
Separating SA and DBA/Apps roles helps
Above Rx already embedded into ISACA-COBIT Standards (Excluded from DoD Procurement Practices)
Also see profile of CJCS (4-Star) Cyber Commander
https://en.wikipedia.org/wiki/Paul_M._Nakasone?wprov=sfti1
These should become Cyber Command тАЬRules of the RoadтАЭ
for USG Systems life-cycle IT Governance
https://en.wikipedia.org/wiki/COBIT?wprov=sfti1
Following evolved from prior COBIT lessons learned (2008-2015)
https://en.wikipedia.org/wiki/ISO/IEC_38500?wprov=sfti1
Exactly. DoD is doubling down on limiting access to those who 'use' a system or information while doing nothing about the problem - the system administrators. We've had some gems too. One of the current crop is a nightmare; he can't figure out how to lock a safe. Manure will be hitting the fan in the future.