CWilt@xxxxxxxxxxxx wrote: >First step was to take away *ALLOBJ from most of the 259 users who had it; >initially just those who didn't know they had it or what it really meant. >The battle to take it away from those who know will be fought a little later >;-) Charles: The first step ought to be determining who has civil (and possibly criminal) liability for system security. Tell anyone who has *ALLOBJ that they may keep it if the liable person provides you with a memo authorizing it and tell the responsible person to expect requests. If you don't have memos within, say, three working days, remove *ALLOBJ. Simple. It's possible that the person(s) with significant liability doesn't even know it. But there are such people in your organization. Once the identity is established and generally known, your task will be much easier. Requesting memos is a powerful move. (And _keep_ them.) Tom Liotta -- Tom Liotta The PowerTech Group, Inc. 19426 68th Avenue South Kent, WA 98032 Phone 253-872-7788 x313 Fax 253-872-7904 http://www.powertech.com __________________________________________________________________ Introducing the New Netscape Internet Service. Only $9.95 a month -- Sign up today at http://isp.netscape.com/register Netscape. Just the Net You Need. New! Netscape Toolbar for Internet Explorer Search from anywhere on the Web and block those annoying pop-ups. Download now at http://channels.netscape.com/ns/search/install.jsp
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.