Just wanted to link to some (months old) updates on the Terry Childs case, the SF Net Admin who locked the city out of the network. ComputerWorld has two updates, one from July and another in August where 3 of the 4 charges against Childs were dropped.
Why am I bothering? Because this is a big deal, even if many people fall quite easily into the black or white sides on this topic and even if the conclusion of this case will slide into history quietly with no fanfare.
Have you ever been in charge of a privileged account? Or built a system or network that your job is to secure and protect? And then ever have someone ask you for that password, or to bastardize that account setup, or allow someone inferior to access, modify, or change the requirements of your setup in a way that decreases the stability and/or security? It’s not a fun to position to be in, especially in the constantly-on worlds of stability and security. I’ve never been and likely never will be in a position as huge as Terry, but on much smaller scales I have felt the pangs of frustration when other business units diminish my work because they make their own decisions, and so on.
Just today I was asked to give over an account password to a SQL DBA. This account is intended to be used in only one place and considered sensitive to the point that only admins on my level have access to it, and even then we forget the password after setting it. But now I’m put into a position where another set of eyes gets to see the password and store it to his leisure (and have it transmitted to him probably via internal email). And to have that account and password stored in a second system beyond the intended use. My initial reaction is that of concern, and it is frustrating to build up security only to have it dropped back down for whatever reasons.
Yes, an admin probably should defer to the actual owners of the system (business or political), or look out for the better good of the whole (usually a business and the customers). But sociologically it is a deep topic, and in terms of security a very weighty one. Do you set a precedent that access is shared out? That you never divulge the secrets? That you divulge the secrets when compelled? That you deny there are certain admins and rock stars in a business that truly do have godlike abilities and the value would be diminished if you limit that? And so on…
It really winds up being a series of problems with no real solution once you look at the various extremes. This is one aspect of why I think “risk management” is the rising star these days. Which extreme is the least risky and least costly/likely?