Thursday, 4 December 2008

Who can you trust!

I suspect that you have read about the network manager in San Francisco who held the whole city hostage a while back. I think it is a fun example of the old saying “who polices the police that polices the police?”. There are many fun examples when people that should have been trustworthy turned out to be quite the opposite. One of my favourites is when a system administrator had an argument with his manager and decided to send out all email in the mail server to everybody in the company as revenge. And as it turned out, the manager had an affair with his secretary and they used emails to set up meetings.
Another famous example is the English bank clerk who changed the address for some of the banks customer to his home address. He then sent payments to his home and collected the money. He got caught of course….
To quote my head of development: Power corrupts; absolute power corrupts absolutely (but it rocks absolutely too)
The simple conclusion is that no one should have all the power, not even the IT-department. I often see that all people working at the IT-department has access to all systems, not because they need it, but that is they way they always done things.
All systems should be built according to the “2-hands principle”. In addition to that, logs are a very good way to make people behave.

No comments: