A number of our readers have highlighted the issues at Fannie Mae. One asked an interesting question regarding what defenses there are against this happening in your organisation. Swa, Adrien and I kicked this around for a few minutes and came up with a short list:
But how do you achieve this in your organisation, are there any automated tools which can make the admin's role a lighter one? Drop us your suggestions by the contact form and I'll update as I receive them. Update 1: Hal Pomeranz dropped us a note pointing towards his article on the SANS Forenics blog, certainly worth a read! Brian also dropped us a e-mail saying "One place I worked for used a version control system (CVS in that case) for just about everything -- DNS zone files, IOS router configs, you name it. At least that way, you get an audit trail, and the possibility of auto-emailing diffs when the changes get checked in." This is a simple and workable arrangement for a small organisation, but how would it scale for a financial like Fannie Mae?
|
Stephen 89 Posts Feb 3rd 2009 |
Thread locked Subscribe |
Feb 3rd 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!