Insider IT Sabotage - Super Villain of the Digital World?

Mon, 21 Jul 2008 14:29:13 -0400

San Francisco network sabotage leaves administrators feeling helpless

It's still "dark" within the city of San Francisco's network and IT organization after it was determined one of its own network administrators went rogue and changed passwords and allegedly enabled lock-out code preventing any others from accessing the key components. He is still holding the master password for ransom.

According to Insider Threat Research from CERT there most likely would have been pre-cursory warning signs:

Summary of Observations made within a study conducted by CERT, US Secret Service and the National Threat Assessment Center

- 90% of Insiders were granted system administrator or privileged system access when hired by the organization

- 57% of Insiders were perceived as being disgruntled due to unmet expectations

- 92% of Insiders attacked following a negative work-related situation such as termination, dispute with employer, demotion or transfer

- 87% of Insiders performed technical precursors prior to the attack that were undetected by the organization

- 75% of Insiders created access paths unknown to the organization, 57% did not have authorized system access at the time of the attack

- 93% of Insiders exploited insufficient access controls

This should be chapter one in the "Worst Case Scenario" book for CIOs and corporate boards.

Ensure that controls are in place to allow IT administrators (role) to perform their duties (responsibilities) within their job function and scope (segmentation). However monitor, track and alert on all password changes to ensure that the keys to the digital foundation of your organization are not enabling IT Sabotage and or malicious hi-jinks.

This type of drama is unfolding like a comic book, similar to the Marvel comic character Rogue, who at times is good, at times is evil but shares one trait with today's Digital Super Villain - the ability to absorb the powers of others. This could even be exemplifed by the modern day boxoffice thriller Hancock.

Bottom line: Don't let your controls only be policies on paper. Make sure you have the power of enforcement!

Kim Singletary
Director of Embedded Solutions
ksingletary@solidcore.com

Rajesh Rajamani
Product Manager
raj@solidcore.com

CRN Names Solidcore Emerging Tech Vendor

Tue, 08 Jul 2008 16:30:15 -0400

Solidcore honored for innovative and easy-to-use technology that goes beyond industry giants

Solidcore has been selected as a CRN Emerging Tech vendor for its S3 Control software. CRN's Emerging Tech list captures companies that are delivering high margins for solution providers with innovative and easy-to-use technology that goes beyond the technology of industry giants.

According to the CRN Emerging Tech Survey, the top reasons solution providers add emerging technologies include: The technology is superior to other products in the market segment; the technology complements a solution providers' existing practice areas; emerging vendors provide better services opportunities; emerging vendors pay better attention to partners; emerging vendors offer higher margins; customers want alternative product choices; and emerging vendors have better joint marketing programs. In addition, 61 percent of solution providers surveyed plan to increase the number of emerging technology vendors they partner with in the next 12 months.

"New and innovative vendor partners can help spur profitable new ideas that solution providers can use to build revenue and customer loyalty, and the CRN Emerging Tech list is where Solution Providers go to find these vendors," said Robert C. Demarzo, senior vice president and editorial director, Everything Channel editorial.

Tony Thompson
Corp. Marketing & Communications
tthompson@solidcore.com

ITIL | Solidcore Blog

Insider IT Sabotage - Super Villain of the Digital World?

See Also

CRN Names Solidcore Emerging Tech Vendor

See Also