Sign in Subscribe
By Gary Shewan in Infosec

Check the superusers

When someone with any kind of authority or access leaves an organisation, it should trigger a review of accounts. Execs, System Owners and Super Users. You should be doing that at least once a year anyway. But also asap when someone like that leaves.

To justify this in the past I have explained how it’s good practice and adheres to policy (sometimes wot I wrote). Great to point to when audited. We manage privileged access etc. But also, once in a blue moon…things happen.

And now, I can point to a public example:

“On initial investigation, the Company learned that a former executive officer of the Company deliberately de-activated and cancelled the renewal of the Company’s website, which significantly impacted the Company’s IT systems, including delivery and receipt of electronic email communications from customers, investors and other stakeholders of the Company”

Oof. Link to 8-K

Subscribe to Gary P Shewan

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe