External Auditors rarely have to deal with internal politics and have only limited say in internal running of the business unless you are in one the the HIPPA/SOX/etc type of environments.
Jon On Fri, Jun 18, 2010 at 7:52 PM, James Hill <[email protected]>wrote: > Interestingly some of the changes I have made were recently given the big > tick of approval from external Auditors. > > > > > > *From:* Erik Goldoff [mailto:[email protected]] > *Sent:* Friday, 18 June 2010 10:23 PM > > *To:* NT System Admin Issues > *Subject:* RE: Handling Developers > > > > 1. There’s the way that makes the developers’ life the easiest > > 2. There’s the way that makes the environment most secure > > 3. There’s the way provides an optimum balance between the first two > > > > I fought this battle at a previous job, where the ENTIRE IT Department had > Domain Admin privileges, not just local to their machine. The developers > perceived that they needed to be domain admins to properly execute their > job. The VP of IT was previously the Application Development Manager, so > guess which way he was leaning … > > It was a long, hard battle, with precious few victories. PCI compliance > helped me to gain some footing, but in the end, I was seen as counter > productive to the developers’ goals, and obviously unhappy there. Did I > mention this was a **previous** employer ? > > > > > > *Erik Goldoff*** > > *IT Consultant* > > *Systems, Networks, & Security * > > ' Security is an ongoing process, not a one time event ! ' > > *From:* James Hill [mailto:[email protected]] > *Sent:* Friday, June 18, 2010 8:05 AM > > *To:* NT System Admin Issues > *Subject:* Re: Handling Developers > > > > Thanks Andrew. > > > I have considered your approaches in the past. I think my frustrations > have clouded my thoughts somewhat. > > At the moment they have the ability to run as and elevation as they know > the local admin password. But of course complain about having to type it > in. > > One argument was that with their previous and larger employer they did what > they wished. Hence why I am after as much opinion from other professionals > that I can get. > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
