This was an interesting article that talks about how hospitals often leave one user logged into a system to save time, essentially allowing many people to view data, even data that they might not otherwise have rights to see.
Not a good practice, and we used to play constant jokes on people whose desktops were left unlocked, especially administrators. Everyone should have a locking screen saver set, and if you have a privileged account, you should always lock your workstation, even if you're going to get a cup of coffee from the next room.
So this Friday we have a security-related poll:
How much do you use shared accounts?
By shared, I don't mean 1,000 people hitting a web server that accesses a database through one account shared by every person. That's a different type of application. What I mean is having two different people using the same credentials to access information. So it would be like me and my co-editor Tony both accessing the SQLServerCentral.com system with the same login.
It's something I don't see a lot of, but I know it still happens, so I'm wondering to what extent to allow shared accounts.
I'll even add one more sidebar to this poll: how many of you use the same account to access your systems as you use to run email, web, etc.? I'd always held one account in the places I'd worked until the early 2000s when I started at a job and was assigned two accounts on the first day, one privileged, one not. I was supposed to use the regular account for email, logging cases, etc. and the privileged one for accessing servers and doing administrative tasks.
I have to say that I quickly ignored my regular account because of the hassles of logging off and back on. I ran Windows 2000 back then and the runas command didn't work as well as it does now. Right now I have an administrator account on my desktop, which is all I use because I found issues with installing some software as an administrator and it not running for my local user. I hope that becomes a requirement of all Windows software soon, but I've had issues.
On my laptops, I used a separate, Power User account to work on a daily basis and an administrator account for when I need it. So far that's worked well.
How many of you out there have similar setups or even worry about the issues of sharing accounts among people or job roles?
The Voice of the DBA Podcasts
The podcast feeds are now available at sqlservercentral.podshow.com to get better bandwidth and maybe a little more exposure :). Comments are definitely appreciated and wanted, and you can get feeds from there.
Or now on iTunes!
- Windows Media Podcast - 28.5MB WMV
- iPod Video Podcast - 21.1MB MP4
- MP3 Audio Podcast - 4.4MB
Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.
I really appreciate and value feedback on the podcasts. Let us know what you like, don't like, or even send in ideas for the show. If you'd like to comment, post something here. The boss will be sure to read it.