Someone on a forum I subscribe to suggested that there is a major risk of network administrators misusing their privileges. Why admins rather than CFOs, CEOs or other staff, I don’t know.

As in often?
As in large impact that stops the business operating?

If it’s that bad, why not just get rid of them?
It’s probably easier to automate their job than that of the CFO.

I’ve written here and elsewhere that many people from a technical background don’t understand ‘risk’. Not only do businessmen view risk differently, but risk only arises when there is something to be gained; else why would you be doing it?

The limiting case is gambling at a casino or playing . You bet against the odds because you might win. Businesses take business risks because they can make a profit.

But in gambling and business you can only lose as much as you bet, and you have a pretty good idea of the odds; in a casino you know them for sure. In InfoSec we don’t know the odds (except when they are a certainty, like spam or viruses).

So think in business terms.
Companies employ system and network administrators.
Big deal.
They also employ accountants and CFOs.
Who do you think could cause more harm to the business?
A network admin reading other people’s mail or a CFO that defrauds the company by writing phony cheques?

So if a network admin is a “major” threat because of what he _might_ do, *if* you employ a scumbag and *fail* to do a background check, or get him pissed off, then what grade of threat do you think a similar CFO rates?

Context, I keep telling you, is Everything.

