Spring Clean your Systems Access
In businesses of all sizes, one of the big security faults is poor maintenance and monitoring of access to business systems. You would be amazed at the number of ex-employees and, even worse, ex-contractors, who still have access to business systems across the world. Most will never realize it, but a few will exploit that access and use the information they can retrieve.
I recently spoke to a consultant who had completed some accounting work for an international media company 7 months ago. When he returned to do another small contract at the beginning of December he was horrified to find that his access to accounting data had not been disabled from his previous visit. Also the e-mail account that had been set up was overflowing with junk mail. This is not an unusual example. In many cases it is the norm.
What could he have done?
- Copied and used sensitive accounting information.
- Made alterations that could have cost the company money.
- Used his legitimate e-mail account to portray himself as an employee.
- Attacked the business network from inside.
- Stolen money from the business.
A second problem with access is giving staff access to high-level, sensitive information so that they can carry out a particular piece of work, and then forgetting to cancel it. The user is forgotten and only re-discovered if there is an audit - or an incident. Many cases of insider fraud or the copying of information to share with someone outside the company - such as a new employer - come through this route.
Why does it happen?
- People like to have access because it shows they are important. If you don’t believe me, ask any IT person who has had to remove access from a member of staff. It is like taking away their parking space - Man the barricades time!
- Businesses rarely have finite routine limits to sensitive access.
- Businesses don’t regularly monitor and clean up their access holders.