RE: [ActiveDir] Sarbannes Oxley compliance

[joe]

Some companies may be going overboard but it will be tough to tell until the first lucky few go to jail to really know for sure. I can think of a few I wouldn't mind being made examples of. :o)   I think the idea of least permissions is a great idea no matter if their is a jail term behind it or not. If people kept things properly locked down they wouldn't have to be so concerned about DR and auditing and wondering how the heck this that or the other thing happened.       joe From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Creamer, Mark Sent: Wednesday, June 23, 2004 1:21 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Sarbannes Oxley compliance I’m curious what, if any, changes to everyday administration the folks on this list are making in preparation for Sarbannes Oxley compliance. Specifically, is anyone making a conscious effort to remove daily admin rights from people whose job it is to do domain administration, in favor of a “break the glass when needed” type of philosophy? I’m just starting to look into this, but I’m getting the feeling some companies are going overboard. Any observation from the group is always welcome…   Mark Creamer