Snoops

  • As Admins of the systems, whether it be at the domain level or at the database level - there should be curiosity. There are good reasons to be snooping around. We have the obligation to make sure the data in the database is good data and that processes are not out of whack or that somebody hasn't decided to store the CVV in the database (for example). As Domain admins, they should be snooping the network to find what is consuming network storage, find if there are any clear text files that contain sensitive data and so on.

    I found one system once that had all of the socials of employees stored in a text file on an unprotected server. Everybody in the company had access. In the same location there was a spreadsheet with hr information. We had that system locked down within minutes.

    So long as there is good being done with the knowledge from snooping, then it should be done. If it is being used maliciously or for personal gains - then it shouldn't be done.

    Jason...AKA CirqueDeSQLeil
    _______________________________________________
    I have given a name to my pain...MCM SQL Server, MVP
    SQL RNNR
    Posting Performance Based Questions - Gail Shaw[/url]
    Learn Extended Events

  • Robert.Smith-1001156 (8/3/2010)


    Uh oh. Somebody got out of the cranky side of bed this morning.

    In my experience, unless you're in a union shop you really can't afford to be that literal about your job description. If my job description includes keeping servers running, then that includes identifying any possible threats, which means snooping if necessary.

    Obviously this requires good judgement and discretion. The contents of an age field doesn't pose any credible threat so I would have no justification for viewing them, but an encoded Word document might well pose a threat.

    You've got to be flexible and take some initiative. Sorry if you think that's being egotistical. I call it doing a good job.

    Well, there is a distinction here between testing if the data can be hacked without access, and using your access to view information that ought to be confidential.

    If you want to try to hack an encoded Word document to see if it can be done, that can be a responsible IT thing to do. But if you get into the file, you don't have to then go walking line by line through the data absorbing the information.

    Although this does bring something into question about that 74% number: how did they define "snooping" on the survey. There is a world of difference between using priviliged access to view information you shouldn't, and testing vulnerabilities on the system, but either could be considered snooping. So did the surveyed people know what they were answering?

Viewing 2 posts - 31 through 31 (of 31 total)

You must be logged in to reply to this topic. Login to reply