Network users' slack system management is creating a security risk, industry experts have warned.
Network IT Week, 20 Jun 2001
Network users' slack system management is creating a security risk, industry experts have warned.
Rob Enderle, research fellow at Giga Information Group, said that maintenance on user accounts has become an important networking issue. He warned that negligence in closing accounts after a user left the company could subject corporate networks to the mercy of disgruntled ex-employees, temps or contractors.
He argued that organisations usually deploy multiple software applications, with separate accounts to set-up. After creation, each login needs maintenance and closure when users leave the company. But the complexity of account maintenance process was prone to create 'orphan accounts', which remained open even though users had left.
"It means an important security risk. Fraud cases often involve temps who used their system account after they left the company," said Enderle. Even IBM has been known to have left accounts open three months after the employees had departed.
Software company Access360 last week unveiled enRole, a product that aims to reduce time spent on account creation from a typical five days to 10 minutes, and simplify maintenance and the closure of accounts.
Enderle said that enRole held an advantage over competing products as it works across all systems, while IBM or Microsoft offerings only work for their own range of software.
Brian Anderson, developer turned chief marketing officer at Access360, said that enRole integrates separated system accounts into a single point of administration. This ties into the human resources system to verify if employees exist, and flags accounts where system authorisation exceeds job title.
"An international oil company recently started using our product and found they had 80,000 orphan accounts. This number is not unusual in large corporations and network managers should plug this gap in their security," he said.
Rob Bruce, executive vice president at InterX, said a similar product may have been useful when the company laid off a quarter of its workforce. "We shut down the network to rule out abuse," he said.
Also published in Network News
We are at an important point in the evolution of computer networking, as the traditional distinction between telecommunications and office-based computer data networks begins to blur.
How to 'harden' your Cisco router.
First Looks Editor Ian Williams gets hands on with the Sony Ericsson Xperia X1
Google's announcement this week that it plans to step into...
Do you agree?
Have your say on this article