CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [225]
Systems administrators are also subject to privilege issues. If an organization has multiple servers, it may not want administrators to have access to all the servers for administrative purposes. In larger organizations, company-wide access could create a serious security risk. As a rule, you should grant administrative access only to specific systems and possibly grant it only at specific times. Again, doing so limits a company’s exposure to security violations.
Auditing
Auditing is the process of ensuring that policies, procedures, and regulations are carried out in a manner consistent with organizational standards. A periodic security audit of user access and rights review can help determine whether privilege-granting processes are appropriate and whether computer usage and escalation processes are in place and working. Think of an auditor as a consultant charged with helping to ensure that procedures are followed.
An auditor who is doing a good job should pull no punches and should offer concrete suggestions on how to improve. These suggestions may pertain to areas of improvement in contingency planning, to security and access problems, or to physical control issues. The information an auditor provides is extremely valuable; acting on it can save your organization time and aggravation. You may not like the results of the audit, but they can be used as a valuable tool to help improve the organization.
Many will argue over the correct steps to go through when performing an audit. The specifics may differ, but the following general steps should always be undertaken: Plan for the audit, conduct the audit, evaluate the results, communicate the results and needed changes, and follow up.
The following sections discuss the need to verify that users are given appropriate permissions to accomplish the work they’re assigned.
Privilege Auditing
Privilege audits verify that accounts, groups, and roles are correctly assigned and that policies are being followed. An audit should verify that access is established correctly, security is in place, and policies are effective. A privilege audit might entail a complete review of all accounts and groups to ensure that they’re correctly implemented and up-to-date.
The problems associated with the transfer of an individual in an organization are common. When a personnel transfer occurs, the transferred user needs to be removed from old groups. Failing to do so can result in privilege creep, which occurs when an individual accidentally gains a higher level of access than they would normally be entitled to or need.
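The following is an added example, not from the study guide: a minimal privilege audit that compares each account's actual group memberships against the groups its current role entitles it to, flagging the leftover memberships that constitute privilege creep after a transfer, plus accounts with no owner on the HR roster. The role table, roster and directory export are all constructed sample data.

```python
# Added example (not from the study guide). All data below is constructed.

# Role -> groups that role is entitled to (constructed policy table)
ROLE_GROUPS = {
    "accounting": {"Domain Users", "Finance-Share-RW", "Payroll-App"},
    "helpdesk": {"Domain Users", "Helpdesk-Tools", "Password-Reset"},
    "developer": {"Domain Users", "Dev-Source-RW"},
}

# HR roster: account -> current role. A transferred user is listed under
# the new role only (constructed).
HR_ROSTER = {
    "jsmith": "helpdesk",   # transferred from accounting to helpdesk
    "alee": "developer",
    "rpatel": "accounting",
}

# Directory export: account -> groups actually assigned (constructed)
DIRECTORY_GROUPS = {
    "jsmith": {"Domain Users", "Helpdesk-Tools", "Password-Reset",
               "Finance-Share-RW", "Payroll-App"},  # old groups never removed
    "alee": {"Domain Users", "Dev-Source-RW"},
    "rpatel": {"Domain Users", "Finance-Share-RW"},
    "contractor9": {"Domain Users", "Dev-Source-RW"},  # not on the roster
}


def audit_privileges(roster, directory, role_groups):
    """Return findings as a dict with two lists:
    'creep'   -> (account, group) pairs where the group exceeds the
                 entitlement of the account's current role
    'orphans' -> accounts in the directory but absent from the HR roster
    """
    findings = {"creep": [], "orphans": []}
    for account, groups in sorted(directory.items()):
        role = roster.get(account)
        if role is None:
            findings["orphans"].append(account)
            continue
        entitled = role_groups.get(role, set())
        for group in sorted(groups - entitled):
            findings["creep"].append((account, group))
    return findings


if __name__ == "__main__":
    result = audit_privileges(HR_ROSTER, DIRECTORY_GROUPS, ROLE_GROUPS)
    for account, group in result["creep"]:
        print(f"privilege creep: {account} still in {group}")
    for account in result["orphans"]:
        print(f"no HR record: {account}")
```

In practice the directory export would come from the identity system (for example a group-membership dump) and the roster from HR, and each finding would feed the follow-up step of the audit.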
Usage Auditing
Usage auditing verifies that systems and software are used appropriately and consistently with organizational policies. A usage audit may entail physically inspecting systems, verifying software configurations, and conducting other activities intended to prove that resources are being used appropriately.
A major concern (although not primarily a security concern) is the issue of installed software and licensing. Illegal use of unlicensed software can carry stiff penalties. Examining systems on a periodic basis verifies that only the software an organization is licensed to use is installed.
From a security perspective, some software is more vulnerable to exploitation than other software. If vulnerable software is installed, it may create a back door or other unauthorized usage problem.