Back on May 20th I posed the question whether network administrators, or anyone with Admin rights to a resource for that matter, should be licensed. The premise was that if the person is a professional then they should be willing to submit to a background check, and to operate under a code of ethics in their daily work.
As of last week we have now seen the worst case scenario play out. A network admin for the City of San Francisco created a super user for himself for the network resources and locked out the other admins from the network. He then proceeded to hold the network hostage in order to ensure that his employer would not take action on a performance compliant they were building. What information that is being released now makes this story even more unbelievable.
It would appear that the city of San Francisco hired a person previously convicted of aggravated burglary to maintain part of the city's IT infrastructure with the full knowledge of this past criminal history. He is now sitting in jail and the city still does not have it's network back in full operation. Under the concept risk management and good security practices this hire would not have been viewed as a wise move. Under the previously suggested practice of licensing system administrators this person would not have been allowed to have admin rights at all. All that said, who was watching the store on this one? Were there no configuration audits during this person's tenure in this ill advised position? How about automating that audit function? Immediate notification of an unauthorized change to the network environment would have been advised don't you think?
This type of transgression should have never taken place and was very easily prevented. Answer-if a hiring decision seems like a bad idea, it probably is. In this case, I am 100% sure it was a bad idea. No license for this guy.
No comments:
Post a Comment