Friday, March 18, 2011

Interesting Internet Security Horror stories

when trusted IT individuals go wrong: Importance of Security can be well revised by these horror stories. These well composed story contains three real time scenarios where internal employees were trusted more than what they should and how much they can affect a business.
Scenario 1: Failure to prevent dual control/ shared knowledge of critical assets/ Lack of Separation of duties and lack of monitoring of administrative functions caused a company a total of $250,000 to $300,000 to get it back to normal operations.
Scenarios 2: How a Sys Admin misused her privilege to plant an logic bomb in her company's internal network and costed 7 million USD loss to the company...
Scenario 3: When this Fortune 100 company upgraded its security, it made a nasty discovery. One of its senior system admins, who had been there at least eight years, had surreptitiously added a page to the company's e-commerce Web site.
A very well written story by Tam Harbert on how important is it to look at the basics when it comes to security.. For full  on How could Security fail: when trusted people go bad.