|
Date: Tue, 3 Jul 2007 16:25:30 -0500 (CDT)l@xxxxxxxxxxxx>
From: <macwheel99@xxxxxxxxxxx>
Subject: Re: Preparing for a High-profile Termination
To: Midrange Systems Technical Discussion <midrange-
left
Sorry I have not found time to read all the posts on this
thread.
We have had high profile persons, other than myself, who
the company, some of them not on the most friendly ofterms.
Actions taken included:systems.
* Change our IP addresses so that anyone who connects
remotely that is authorized to do so, has to get the new IP
address and the replacement Cisco cryptographic secret #s.
* Change locks physically on the building, issue new keys to
everyone authorized to enter the building.
* Temporarily have a security firm running interference on
anyone entering the building (they gotta be on the list
issued by HR & Management, or else they not allowed in) ...
this until all the locks get changed.
* Send out e-mail to everyone reminding them how to change
their passwords on each and every one of our computer
* Daily a report to top management on who has not yetchanged
their passwords, and all incidents of suspicious e-visitors.list
On multiple occasions my boss has asked for some kind of
of the tasks that I do, and I comply, then he is notpurpose
interested in details, or in tasks I do for co-workers or
managers not in his chain of command, so for whatever
he wants these task lists, they are not going to be veryhow
helpful to anyone else who later needs to take over my
responsibilities.
A co-worker mentioned to me today
* She I and our boss, each have notes and cheat sheets on
to get the job done.all
* We each can decipher our own notes no problem.
* We have a real hard time of it deciphering another person
notes.
So does the high profile person have notes how things are to
be done on a regular basis & are they where other people can
find them & can other people decipher them?
In my work environment there is extreme pressure to get
things done in very short time intervals, so it is not
unusual that I cut some corners.
There are jobs that run, that send a message to me that they
got done, so I can check to see if some step is missing. It
is not just me that messages automatically go to various co-
workers when some step completed. If the user-ids that are
getting those messages were to be killed, jobs would bomb
over the place.people,
There's a ton of stuff in GO CMDSCDE running in the name of
some employee. We have found that if a sign on is disabled,
that stuff still runs, which makes us happy.
Currently they have me doing end-fiscal, then sending end-
fiscal reports via Excel & e-mail to various & sundry
then months later ask that some end fiscal report be_
rerun ... this means that many many past months end fiscal
reports are in my name. Our security setup such that some
other name cannot get at these reports.
---- Original message ----
Date: Tue, 3 Jul 2007 09:29:58 -0700 (PDT)terminated (employment, not by Ahh-nold); has "keys to the
From: Steve Martinson <smartfamily2003@xxxxxxxxx>
Subject: Preparing for a High-profile Termination
To: midrange forum <midrange-l@xxxxxxxxxxxx>
Situation:
High-profile, knowledgeable staff member soon to be
kingdom" for both the System i and the network; likely knows
passwords for many service and/or utility profiles on the
iSeries.
associated with a position like the one described above and
Requirement:
Prior to term date, analyze system for vulnerabilities
prepare a task list that will address the situation both
before and after the termination.
attributes (exit points too), directory entries, SST, job
Areas to be reviewed include system values, network
descriptions, subsystem routing entries, all user and group
profile parameters and their implications, authorities to
libraries, directory (WRKLNK) authorities, etc.
hole that should be reviewed/covered?
Can anyone think of anything else that could be a critical
Best regards and TIA,
Steven W. Martinson, CISSP, CISM
Sheshunoff Management Services, LP.
Senior Consultant - Technology & Risk Management
2801 Via Fortuna, Suite 600 | Austin, TX 78746
Direct: 281.758.2429 | Mobile: 512.779.2630
e.Mail: smartinson@xxxxxxxxx
____________________________________________________________
_______________________L) mailing list
Sick sense of humor? Visit Yahoo! TV'sL) mailing list
Comedy with an Edge to see what's on, when.
http://tv.yahoo.com/collections/222
--
This is the Midrange Systems Technical Discussion (MIDRANGE-
To post a message email: MIDRANGE-L@xxxxxxxxxxxx--
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
This is the Midrange Systems Technical Discussion (MIDRANGE-
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.