Blog Editors

Joe Hodnicki
County Law Library Director
Butler County Law Library (OH)
Email

Mark Giangrande
Reference Librarian
Lecturer in Law
DePaul University Law Library
Email

Contributing Editors

Caren Biberman
Director of Library & Information Services
Cahill Gordon & Reindel LLP
Email

Sarah Glassmeyer
Director of Content Development
CALI
Email

Victoria Szymczak
Director of the Law Library
Associate Professor of Law
Univ. of Hawai‘i at Mānoa, School of Law
Profile
Email

David C. Walker
Information Services Librarian
Lincoln Memorial Univ.
Duncan School of Law Library
Email

About Law Librarian Blog
Email Editor Comments & Content

News Readers & Feeds
FeedBurner Subscription Service
Enter your Email:


Powered by FeedBlitz
View Recent Posts from Network Blog Feeds

Search This Blog

Blog Traffic

Since January 1, 2005

Disclaimer

Just in case you don't get it: The views expressed are solely those of the blog post author and should not be attributed to anyone else, meaning they do not necessarily represent the views of any organization that the post author is affiliated with or with the views of any other author who publishes on this blog.

Blogware

Powered by TypePad

Notices

© Copyright All Rights Reserved
Contact post author for permissions

« Tort Reform | Main | Job Opening: Reference Librarian, IIT/Chicago Kent »

May 19, 2005

On Firing Your Staff Geek

If you are going to fire one of your systems staffers, what do you do? You make sure your cut off his e-mail and network access, and change all crucial passwords at the same time you are ambusing him with an exit interview and immediately followed by someone escorting him out of the building. No brainer.

The US Secret Service and Carnegie Mellon University released a new "insider threat" survey.

Among the key findings of the ITS study of insider sabotage across critical infrastructure sectors are the following:

A negative work-related event triggered most insiders’ actions.
• Most of the insiders had acted out in a concerning manner in the workplace.
• The majority of insiders planned their activities in advance.
• When hired, the majority of insiders were granted system administrator or privileged access, but less than half of all of the insiders had authorized access at the time of the incident.
• Insiders used unsophisticated methods for exploiting systemic vulnerabilities in applications, processes, and/or procedures, but relatively sophisticated attack tools were also employed.
• The majority of insiders compromised computer accounts, created unauthorized backdoor accounts, or used shared accounts in their attacks.
• Remote access was used to carry out the majority of the attacks.
• The majority of the insider attacks were only detected once there was a noticeable irregularity in the information system or a system became unavailable.
• Insider activities caused organizations financial losses, negative impacts to their business operations and damage to their reputations.

To repeat, if you are going to fire one of your systems staffers, you make sure your cut off his e-mail and network access, and change all ...

May 19, 2005 in Gov Docs | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d8341bfae553ef00d8351133aa53ef

Listed below are links to weblogs that reference On Firing Your Staff Geek: