[ale] Security best practice - Remove or disable user accounts?
Jeff Hubbs
hbbs at comcast.net
Thu Aug 7 12:51:28 EDT 2008
There are "best practices" and then there's actually thinking about what
you want to have happen, figuring out how to do it, and executing it as
planned.
What ought to happen in most cases is that when a user leaves (or, if
the user is being shown the door, *before* the user knows what's about
to hit him), the user's read/write access should be stopped (i.e., by
changing passwords, carting off machine(s), disconnection). Then, his
files (including e-mail) should be copied off and made available in a
read-only, controlled-access fashion (e.g., CD/DVD) and stored, and then
the files should be deleted securely (i.e., overwritten or destroyed)
along with any accounts.
Some people disable accounts so that managers or admins can just reset
the password and log in as the user to see their e-mails, get their
files, etc. Bad Idea (TM). Someone could have left some code or script
behind as a "hand-grenade" such that someone logging in and not knowing
what special thing to do next had the effect of "pulling the pin." Good
way to lose your data warehouse, have the boss' g04ts3x pr0n e-mailed to
the entire company, disable your PBX and have Alice Cooper songs playing
as the outgoing message to all callers, etc.
Again: "best practices" are purported bits of knowledge that IT
professionals that weren't working retail at Belk's only two years
before are supposed to already know...assuming the BPs in question were
applicable or even sensible in the first place.
By the way, at none of the places I have ever worked, whether I resigned
or was laid off, was the sort of thing I just described *ever* done -
unless I did it myself.
- Jeff
Jeff Lightner wrote:
>
> At a former job the policy was to disable rather than remove user
> accounts.
>
> However, on checking for “best practices” I don’t find any indication
> why this should be and find several references to removing them
> completely.
>
> Does anyone know of a best practice that explains why disabling would
> be preferable to removing?
>
> ----------------------------------
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or
> confidential information and is for the sole use of the intended
> recipient(s). If you are not the intended recipient, any disclosure,
> copying, distribution, or use of the contents of this information is
> prohibited and may be unlawful. If you have received this electronic
> transmission in error, please reply immediately to the sender that you
> have received the message in error, and delete it. Thank you.
> ----------------------------------
> ------------------------------------------------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
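The sequence Jeff describes above (stop access first, copy the files off to a read-only archive second, delete last), written out as an added example; this is not code from this thread or from anyone posting on it. It is a POSIX shell script that assumes Linux shadow-utils (usermod, userdel), GNU tar and sha256sum (shasum as a fallback); the user name alice and all paths are constructed. Privileged commands are only echoed unless DRY_RUN=0, and nothing in it ever logs in as the departed user: the files that would run automatically at login (the "hand-grenade" candidates) are listed in the archive so an admin can read them from the copy instead of pulling the pin.

```shell
#!/bin/sh
# Offboarding helper: lock -> archive read-only -> verify -> delete.
# Added example for this thread, not code from the ale list or its posters.
# Assumptions: Linux shadow-utils (usermod/userdel), GNU tar, sha256sum or
# shasum, nologin at /usr/sbin/nologin (RHEL uses /sbin/nologin).
# Privileged steps are only echoed unless DRY_RUN=0.

DRY_RUN="${DRY_RUN:-1}"

run_priv() {
    if [ "$DRY_RUN" = "1" ]; then
        printf 'DRY-RUN: %s\n' "$*"
    else
        "$@"
    fi
}

sum256() {
    # Print only the hex digest, whichever tool is installed.
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Step 1: stop read/write access without logging in as the user.
# Lock the password, expire the account (days since epoch = 1), replace the
# shell, then drop any live sessions and background jobs.
lock_account() {
    user="$1"
    run_priv usermod --lock --expiredate 1 --shell /usr/sbin/nologin "$user"
    run_priv pkill -KILL -u "$user"
}

# Step 2: copy the home directory into a checksummed, read-only archive and
# record everything that would execute automatically on login so it can be
# reviewed from the archive rather than by logging in as the user.
archive_home() {
    user="$1"; home="$2"; dest="$3"
    mkdir -p "$dest"
    tarball="$dest/$user-home.tar"
    tar -cf "$tarball" -C "$(dirname "$home")" "$(basename "$home")"
    sum256 "$tarball" > "$tarball.sha256"
    hooks="$dest/$user-login-hooks.txt"
    : > "$hooks"
    for f in .profile .bash_profile .bash_login .bashrc .zshrc .forward \
             .procmailrc .ssh/authorized_keys .ssh/rc .xsession; do
        if [ -e "$home/$f" ]; then
            printf '%s/%s\n' "$home" "$f" >> "$hooks"
        fi
    done
    # The user's crontab is another place a time bomb can sit.
    run_priv crontab -l -u "$user" >> "$hooks" 2>/dev/null || true
    chmod 0440 "$tarball" "$tarball.sha256" "$hooks"
}

# Recompute the digest and compare with the stored one; non-zero on mismatch.
verify_archive() {
    tarball="$1"
    [ "$(sum256 "$tarball")" = "$(cat "$tarball.sha256")" ]
}

# Step 3: overwrite the files, then remove the account and its home.
# shred is meaningful on rotating disks; SSDs need a device-level erase.
delete_user() {
    user="$1"; home="$2"
    run_priv find "$home" -type f -exec shred -u {} +
    run_priv userdel --remove "$user"
}

offboard() {
    user="$1"; home="$2"; dest="$3"
    lock_account "$user"
    archive_home "$user" "$home" "$dest"
    if verify_archive "$dest/$user-home.tar"; then
        delete_user "$user" "$home"
    else
        echo "archive verification failed; $user left locked, not deleted" >&2
        return 1
    fi
}

# Usage (constructed names): DRY_RUN=0 sh offboard.sh alice /home/alice /srv/leavers/alice
if [ "$#" -ge 3 ]; then
    offboard "$@"
fi
```

Deletion only happens after the archive's digest verifies, so a failed copy leaves the account locked but intact; the hooks file is what a manager reads before anyone so much as opens the user's files.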