1. Old admin knows many management passwords 2. Old admin goes to work for competitor 3. Company and competitor are up for same contracts 4. Old admin remotes into company to look at emails and presentation materials 5. Competitor starts taking business from company by usurping sales pitches in very specific ways 6. I get hired 2+ years after old admin in question 7. I review remote logs to establish behavioral patterns 8. I see odd logon behavior and trace repetitive IPs 9. I trace IPs to competitor as well as old admin specifically
I am Jacks complete lack of surprise when management doesnt change their password and uses the same passwords for many things. -- Espi On Mon, Apr 25, 2016 at 4:27 PM, Kennedy, Jim <kennedy...@elyriaschools.org> wrote: > > "Even six months is far better than never" > > Why? > > ------------------------------ > *From:* listsadmin@lists.myitforum.com [listsadmin@lists.myitforum.com] > on behalf of Dave Lum [l...@ochin.org] > *Sent:* Monday, April 25, 2016 6:58 PM > *To:* ntsys...@lists.myitforum.com > *Subject:* [NTSysADM] Password expiring debate on patch management > > Anyone see the debate on the Patch management list, driven by this: > https://www.cesg.gov.uk/articles/problems-forcing-regular-password-expiry > > > > I don’t even know how it’s a debate other than the desired frequency (no > one-size-fits-all on that IMO). Even six months is far better than never. > With expiring passwords you at bare minimum mitigate employee’s that leave. > > > > *David Lum* > > *Systems Administrator III* > *P:** 503.943.2500 <503.943.2500>* > *E:** l...@ochin.org <l...@ochin.org>* > *A:** 1881 SW Naito Parkway, Portland, OR 97201* > > > [image: Facebook Link] <https://www.facebook.com/OCHINinc>[image: Twitter > Link] <https://twitter.com/ochininc>[image: Linkedin Link] > <http://www.linkedin.com/company/ochin> www.ochin.org > [image: OCHIN email] > > > > > > > > > > > Attention: Information contained in this message and or attachments is > intended only for the recipient(s) named above and may contain confidential > and or privileged material that is protected under State or Federal law. If > you are not the intended recipient, any disclosure, copying, distribution > or action taken on it is prohibited. If you believe you have received this > email in error, please contact the sender with a copy to > complia...@ochin.org, delete this email and destroy all copies. >
