Sorry, I found this one humorous. Would somebody that wrote a sabotage
document it with their name? :-) I guess if they were dumb enough to put
in a sabotage they may be dumb enough to put their name on it.
Anyways, back to work.
Oh, and when you walk the guy out give him a solid hug good-bye and tell'em
you always liked the chili they brought on "goodie day" because the tomatoes
didn't overpower the onions. This will ensure he doesn't try to come back
and slash your tires.
Aaron Bartell
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[
mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Sharon Wintermute
Sent: Tuesday, July 03, 2007 12:50 PM
To: 'Midrange Systems Technical Discussion'
Subject: RE: Preparing for a High-profile Termination
Search all source code for their user id to make sure they don't sabotage as
well.
I have seen this done more than once. Took more than 3 days to recover from
the last one.
Sharon
Steve Martinson wrote:
Situation:
High-profile, knowledgeable staff member soon to be terminated
(employment, not by Ahh-nold); has "keys to the kingdom" for both the System
i and the network; likely knows passwords for many service and/or utility
profiles on the iSeries.
Requirement:
Prior to term date, analyze system for vulnerabilities associated with a
position like the one described above and prepare a task list that will
address the situation both before and after the termination.
Areas to be reviewed include system values, network attributes (exit
points too), directory entries, SST, job descriptions, subsystem routing
entries, all user and group profile parameters and their implications,
authorities to libraries, directory (WRKLNK) authorities, etc.
Can anyone think of anything else that could be a critical hole that
should be reviewed/covered?
Best regards and TIA,
Steven W. Martinson, CISSP, CISM
Sheshunoff Management Services, LP.
Senior Consultant - Technology & Risk Management
2801 Via Fortuna, Suite 600 | Austin, TX 78746
Direct: 281.758.2429 | Mobile: 512.779.2630
e.Mail: smartinson@xxxxxxxxx
CONFIDENTIAL
This e-mail and any files transmitted with it are the property of BillSoft,
Incorporated and/or its affiliates, are confidential, and are intended
solely for the use of the individual or entity to whom this e-mail is
addressed. If there is a non-disclosure agreement in effect between
BillSoft and the recipient, the contents of this email and any files
transmitted with it should be treated as confidential under the terms of
such agreement. If you are not one of the named recipients or otherwise
have reason to believe that you have received this e-mail in error, please
notify the sender and delete this message immediately from your computer.
Any other use, retention, dissemination, forwarding, printing or copying of
this e-mail is strictly prohibited.
"BillSoft" and "EZTax" are registered trademarks of BillSoft, Incorporated.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at
http://archive.midrange.com/midrange-l.
midrange.com
