Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firing System Administrators CPTE 433 John Beckett.

Published byEvelyn Lindsey Modified over 9 years ago

Similar presentations

Presentation on theme: "Firing System Administrators CPTE 433 John Beckett."— Presentation transcript:

1 Firing System Administrators CPTE 433 John Beckett

2 Why, Why, Why? The two sides of the story are probably so different that you’d wonder if they were working in the same company –or inhabiting the same planet –Because unhappy terminations usually start with differences in perceptions Don’t pass info to others –This can hurt people –It decreases your credibility and promotability Focus on the technical tasks

3 First, the Headlines “Firing” an SA is undoing the access (s)he had while employed. That can be difficult because: –The SA may have designed the access scheme (perhaps in undocumented ways we call “back doors.”) –The SA probably had “root” access to many facilities. –Fundamentally, it’s an “agency” problem.

4 The Agency Problem The person whose (potential) misdeeds could harm stakeholders, is in control of information. Corporate CEO/CFOs: Control decision- making input to boards. SAs: Control the controls of your system

5 Termination Steps Procedure –Follow corporate HR policy –Use a checklist – file it when complete Access –Physical –Remote –Service & Applications Improve –Look for ways to shorten the checklist

6 Termination Checklist Part 1: Work with HR –They may already have a checklist Part 2: Technical aspects relating to the SAs job –Should include technical details on how to do each step –Likely to be updated every time you use it

7 How To Develop a Checklist Start with the checklist for processing a person in. Continue with a list of what they’ve developed or set up. Now you know what you must disconnect them from!

8 Three Levels of Access Physical Access –Deactivate card / Return key(s) –Deny Social Engineering Remote Access –Radius / Dial-in –VPN Application/Service Access Use a separate team for each level.

9 Physical Control Devices Could that key have been duplicated? Was this SA able to make access cards? –Again – that nasty agency problem! Do you actually have records of all cards or keys that have been distributed? Weigand cards are pre-serialized at the factory, which improves your ability to achieve good control.

10 Portable Property –Whose property is it, really? –How will you physically get it returned? –Accessories? –Cables? –Wall-Warts? –Are there subscriptions to cancel or re-direct? –Can you “nuke” this product?

11 Don’t We Trust Each Other? Good separation protects both: The firm, because it is less likely to suffer damage. –…or encounter confusion when solving a problem which might have had something to do with the fired employee. The employee who is leaving. –She wishes to remain above approach.

12 Case: “Zap This Drive” User’s job was to do research. All the research went on his hard drive (which wasn’t backed up.) He was fired. On his way out, he told the SA, “I’ve got some personal stuff on the drive so please nuke it.” The SA did what he was asked to do.. Who is responsible for this gaffe?

13 What Did the SA Do Wrong? 1.Honored the request of a fired employee. 2.Failed to recognize that the computer in its entirety was the property of the company. 3.Failed to have a backup program in place. Fortunately, a recovery program worked.

14 The Media Ministry I acted as a volunteer webmaster for a media ministry just starting to use the web My only contact at the ministry was fired for unspeakable behavior The ministry’s manager was worried that the fired person might strike back The manager called me when I was out of town on a trip, with limited connectivity

15 What We Did The manager and I authenticated each other –SDA workers can always do this –The procedure involves exchange of tokens that were shared experiences I “froze” the site by changing the root password –Should have done an extra backup as well Later, I passed control on to a new webmaster they acquired –Authenticated through a third party

16 What Could Have Gone Wrong The fired employee could have had a hacker friend –The hacker friend could have left a back door in the system –They could have made changes at a later time We were lucky –The fired employee actually cared about the ministry, even though his personal behavior was not what it should be

17 Improving the Process Have a single authentication database Document access that does not depend on this database Archive system configuration files –Audit changes, tracking them to specific tickets

Download ppt "Firing System Administrators CPTE 433 John Beckett."

Similar presentations

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.
Copyright 2006 Mid-City Offices Systems. Busy people… How would your business be affected, if you suddenly lost all of your computer data? Rush through.

Copyright 2006 Mid-City Offices Systems. Busy people… How would your business be affected, if you suddenly lost all of your computer data? Rush through.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Mobile Application Architectures

Mobile Application Architectures
Frequently Asked Questions Q: Why am I not getting job? A: There is huge difference in knowledge ACQUIRED in college & knowledge REQUIRED in IT industry.

Frequently Asked Questions Q: Why am I not getting job? A: There is huge difference in knowledge ACQUIRED in college & knowledge REQUIRED in IT industry.
ECEU300 Ethics in the Workplace Why talk about Ethics? Everyone is ethical, everyone knows how to behave at work. Everyone gets it about not stealing stuff.

ECEU300 Ethics in the Workplace Why talk about Ethics? Everyone is ethical, everyone knows how to behave at work. Everyone gets it about not stealing stuff.
Ms. Marla Gross MOS October 2012.  The process of leaving a job, whether you:  Found a new job, are fired, or company no longer needs your services/downsized.

Ms. Marla Gross MOS October  The process of leaving a job, whether you:  Found a new job, are fired, or company no longer needs your services/downsized.
Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.

Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.
020870A01_LT 1 Successful Interviewing Skills Surviving and Excelling in a Behavioral Based Interview.

020870A01_LT 1 Successful Interviewing Skills Surviving and Excelling in a Behavioral Based Interview.
Chapter 14: Troubleshooting and Problem Resolution.

Chapter 14: Troubleshooting and Problem Resolution.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Security Week 10 Lecture 1. Why do we need security? Identify and authenticate people wanting to use the system Prevent unauthorised persons from accessing.

Security Week 10 Lecture 1. Why do we need security? Identify and authenticate people wanting to use the system Prevent unauthorised persons from accessing.
SOA Security Chapter 12 SOA for Dummies. Outline User Authentication/ authorization Authenticating Software and Data Auditing and the Enterprise Service.

SOA Security Chapter 12 SOA for Dummies. Outline User Authentication/ authorization Authenticating Software and Data Auditing and the Enterprise Service.
Be able to plan e-commerce strategies. E-commerce strategy An e-commerce strategy encapsulates all the decisions which need to be made when setting up.

Be able to plan e-commerce strategies. E-commerce strategy An e-commerce strategy encapsulates all the decisions which need to be made when setting up.
Computer Security Fundamentals

Computer Security Fundamentals
Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.

Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.
Organizing Your Job Search

Organizing Your Job Search
CRISIS COMMUNICATIONS PLANNING A rehearsal for crisis Planning is key.

CRISIS COMMUNICATIONS PLANNING A rehearsal for crisis Planning is key.
Chapter 13 Prepared by Richard J. Campbell Copyright 2011, Wiley and Sons Auditing Human Resources Processes: Personnel and Payroll in Service Industries.

Chapter 13 Prepared by Richard J. Campbell Copyright 2011, Wiley and Sons Auditing Human Resources Processes: Personnel and Payroll in Service Industries.
1 Networks, advantages & types of What is a network? Two or more computers that are interconnected so they can exchange data, information & resources.

1 Networks, advantages & types of What is a network? Two or more computers that are interconnected so they can exchange data, information & resources.

Similar presentations

Ads by Google