I just walked out a city building with a server. they had never seen me
before but I told them I was from the company that does there PC
support. I do happen to work there. But that makes for very simple
security : >
Kevinm WLKMMAS*TM, QWSZC, VRY+Y, NFH, SAD-VF, DERSDESDFG
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More letters after my name makes me Smarter.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
please respond back to rent this ad space for your needs
-----Original Message-----
From: Whitten, Gary [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 20, 2001 4:09 PM
To: NT System Admin Issues
Subject: RE: Security Audit
I would say that you don't want them to actually read data, but proving
they can or can't get to it is a good thing. You also want them to
evaluate the physical premises for locations of servers and other
things.
I just finished a class on Win2K Security and the instructor mentioned
that he started an audit by noticing the backup tapes on the
receptionist's desk and just signed for them saying 'The other guy's out
sick' and walked out with them so there is definitely a lot to one if
you let them do it right. Dating the boss' daughter/secretary might be a
bit much, though :)
Gary
-----Original Message-----
From: Stephen Chiang [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 20, 2001 6:52 PM
To: NT System Admin Issues
Subject: Security Audit
I'm hiring someone to do a security audit of our site, what are some of
the things that I need to ask a security company to do? Any tips?
THanks.
Stephen
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
