Protect your network from rogue employees

With every business and government organization dependent on their IT networks, full protection from both outside intruders and inside mischief makers is absolutely essential. The City of San Francisco learned that lesson the hard way. Terry Childs, a network administrator, stands accused of creating a super-password on the switches and routers in the city's Fibre WAN, and using it to block everyone else's access to administrative functions.

Childs was charged with four counts of computer tampering, and held on $5 million bail. The case highlights the need to protect organizations from rogue employees. Cameron Laird, the vice president of Houston, TX, security consultancy Phaseit, tells CIO.com that principles like access control have been incorporated into IT culture. But he said other protection concepts like "least privilege,'' are only beginning to be widely incorporated while "dual authorization" hasn't made it into the culture yet. "For an organization of any size, say the government of a city of a million people, you really need to get serious about how you manage privileges," Laird said.
 
 
For more on internal security:
- see this cio.com article