Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

=?iso-8859-1?Q?Re:_Guidelines_For_System_Administrators??=

from [asutton] Network Security [Permanent Link]
Subject: =?iso-8859-1?Q?Re:_Guidelines_For_System_Administrators??=
Date: Sun, 23 Oct 2005 09:48:01 +0200 

Theres only two main rules;

- Thou Shalt Not Access The Data Of Others Without Permission From
Management.
- Thou Shalt Not Modify A System Withou A Change Control Process Having
Been Completed.

If you make breaking these rules a "gross misconduct" offence (which
usually means instant dismissal) it should ensure that anything SAs can
do is done in a controlled manner.

The other thing is, of course, seperation of duties. Do not have any
single SA with the ability to access all system, but have different SAs
for different areas (i.e. one for production and one for DR where all
the replica data is held), that way if one SA does go bad, the data
held by the other should be OK.

Hope this is useful.

Al.
--
Al Sutton
Argosy TelCrest
www.argosytelcrest.com


Lim Kah Wee <yauii@linuxmail.org> wrote on 21.10.2005, 11:40:21:

Hi,

Was wondering if there are any guides or codes of ethics which lists the do's 
and dont's for a system administrator?

A system administrator would be something like a "god" in the organization 
from a system perspective, with virtually full rights to all the systems. So 
was wondering if there are any set "guidelines" on what can or cannot be done 
by the system administrator? Any good links to look at?

Thanks.
-kw-


-- 
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • =?iso-8859-1?Q?Re:_Guidelines_For_System_Administrators??=, asutton <=
Previous by Date:  Re: Guidelines For System Administrators?, jfvanmeter
Next by Date:  Re: Guidelines For System Administrators?, Michael Goffin
Previous by Thread:  RE: Top Information Security Management Challenges in the Enterpr ise Today?, "Weigel Muñoz, Margarita"
Next by Thread:  bank audit checklist, sectraq
Indexes:  [Date] [Thread] [Top] [All Lists]