Not Watching The Watchers
Mitchell Ashley, CTO at StillSecure
Who's watching the watchers? Do you adequately protect root, require use of SU (the substitute user command), and audit all user actions on servers, network, and security devices? Today's smartest employee could be tomorrow's worst nightmare.
We are rapidly reaching a point where a security breach or data loss will result in the firing of both management and staff. Isn't it worth putting your job on the line to get your company to take security seriously? Worst case -- it's better to be fired now than later because of an incident.
Businesses are not coffee shops. Is it really worth the risk to allow end users to use P2P, download music and files, install software apps, play games or surf non-business sites? A balance is necessary but you don't want to be at the top of the teeter top when the other end goes empty.