Administrators… Trust them?

System administrators have a lot of power over access to systems and, perhaps more importantly, data. These key players carry a lot of responsibility.

Nothing highlights what can go wrong more than an upset administrator. An ex-IT manager for the Council of Community Clinics resigned after an unfavourable evaluation. Over the Christmas period of 2007, he logged onto the servers and disabled the backup program. He logged in once again a week later and systematically deleted the files containing patient appointments.

Now one could argue that there was no exit strategy for the administrator: disabling the former employee’s account and having a set of policies in place may have stopped this from happening. You could also log the administrator’s activities automagically, etc.

But in a way, you have to trust your administrator. Administrators should understand the responsibility they have. Play nice, guys!


Any company having recently given their IT administrator the boot should most definitely have taken precautions.

Surely the new / acting admin would have changed all passwords etc?

This is just careless, plain and simple.

You’d be surprised at how companies underestimate the value of their system administrator. After all, they are usually not the most well-paid in an organisation. If you were a head honcho or a director in a company, your primary focus would be the business itself, not the infrastructure.

Ideally there should be handover processes in place where the old administrator passes on information to the new administrator. An administrator is not going to remember every single security and system item, especially if they are thinking about their new job (or looking for one). They may even conveniently forget to mention a particular item and use that to access the network at a later point.

A simple thing like changing all passwords would require ‘red tape’. Procedures are the only way but far from foolproof.
