Sunday, October 07, 2007

Handling Rogue Sys Admins

The rogue system administrator turned bad is a classic in the annals of insider threats. In an article this week in Computer World, Jon Espenschied, provides a five-step process for finding and weeding out malicious insiders. The story is interesting also because he compares it to a recent consulting engagement in Iraq.

Ryan Groom provides a three-step approach in his About.com Business Security site, and I had a chapter in my book, The Little Black Book of Computer Security.

No matter how look at it, this isn't an easy problem to deal with. Neither is profiling potential malicious insiders, as I noted in another SearchSecurity piece in May. In that article, I discuss profiling work done by CERT, which is the benchmark for studies on insider threats.

0 Comments:

Post a Comment

<< Home