I agree, without the data you have nothing, protecting the data is what its about. Why have controls in systems if you aren't trying to protect the crown jewels which is the data in which your organization/business used to get its job/mission accomplished.
Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization [email protected] Work:401-444-9081 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. -----Original Message----- From: Kurt Buff [mailto:[email protected]] Sent: Wednesday, April 17, 2013 2:43 PM To: NT System Admin Issues Subject: Re: On the subject of security... On Wed, Apr 17, 2013 at 11:36 AM, Ben Scott <[email protected]> wrote: > On Wed, Apr 17, 2013 at 2:29 PM, Kurt Buff <[email protected]> wrote: >> On Wed, Apr 17, 2013 at 1:59 AM, James Rankin <[email protected]> wrote: >>> ...today's XKCD sums it up nicely >>> >>> http://xkcd.com/1200/ >> >> So, yeah, that's true if you don't use full disk encryption, or a >> password on your computer/domain account ... > > You're missing the point. > > A lot of devs and admins fall into the trap of protecting the system > and forgetting that there's a reason why we have the system in the > first place. I ultimately don't care about my "root" account. > Protecting it is just a means to an end -- protecting my data, most of > which lives in my user account. No, I'm not missing the point. Protecting the end-user account and its data is what those techniques are for - and they also need to be applied to the root/administrator account. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
