Tell your manager to watch some Judge Judy or any other real life courtroom show and any given day will have some family member at another family member's throat. Internal threats are your biggest threat and mitigating the simple stuff is a good practice. I've seen completely professional people lose it and do the nuttiest things that you would never have expected.
At least you had the conversation with him, that's a good start. -Jeff Steward On Fri, Aug 27, 2010 at 1:56 PM, John Aldrich <[email protected]>wrote: > Well, I talked with the manager over the customer service people. He > feels that as there’s only about a half-dozen people there, that it’s sorta > like family…no one is going to go to someone else’s computer and attempt to > frame them for something. As for sharing email, I’ve set it up, but we take > orders via email sometimes, so it would be confusing to try and figure out > who was supposed to be entering that order. I think it’s a lost cause for > customer service. When/if we get more people, I might raise the prospect > again, but for now, I think we’ll just keep the distribution list internal > and hope that the ladies in customer service don’t try to frame each other > for their misdeeds. > > > > [image: John-Aldrich][image: Tile-Tools] > > > > *From:* Alan Davies [mailto:[email protected]] > *Sent:* Friday, August 27, 2010 10:54 AM > > *To:* NT System Admin Issues > *Subject:* RE: Password sharing policy > > > > Fair enough .. and that's part of the risk assessment you do for conducting > business at that level. Nothing too far wrong with it if you understand and > accept the risk and have no legal/regulatory necessity to comply. There are > other controls you may wish to put in place ... from a very basic level a > paper based system of held records for use of particular credentials. For > every solution there are many nuts to crack ... or cats to skin ... or > something .. > > > > > > > > a > > > ------------------------------ > > *From:* John Aldrich [mailto:[email protected]] > *Sent:* 27 August 2010 15:40 > > *To:* NT System Admin Issues > *Subject:* RE: Password sharing policy > > A couple problems – our email is hosted, and while I can share email > usernames/passwords, that’s about all I can do. > > Second, we don’t have a lot of money right now to spend on IT, or anything > much. Third, we’re privately held, and don’t process credit cards so there’s > very little regulatory compliance of which I’m aware, that we could fall > afoul of. > > > > [image: John-Aldrich][image: Tile-Tools] > > > > *From:* Alan Davies [mailto:[email protected]] > *Sent:* Friday, August 27, 2010 10:02 AM > > *To:* NT System Admin Issues > *Subject:* RE: Password sharing policy > > > > What's wrong with sharing mailboxes, etc. instead so there's some prospect > of auditing? Same with folder ACLs. If you have the money, there are > enterprise solutions to ease the pain ... > > > > There's nothing I can think of that would cause me to allow an employee to > do this. Particularly since it's a hard regulatory requirement not to. > > > > > > > > a > > > ------------------------------ > > *From:* John Aldrich [mailto:[email protected]] > *Sent:* 27 August 2010 14:40 > > *To:* NT System Admin Issues > *Subject:* RE: Password sharing policy > > Necessary evil among customer service here… We have people out one day/week > on a rotating basis, and the person that is covering their area for them has > to be able to log in as that user. I strongly discourage anyone outside > that area from sharing their passwords, but we have no active policy > regarding it. > > > > [image: John-Aldrich][image: Tile-Tools] > > > > *From:* Bob Fronk [mailto:[email protected]] > *Sent:* Friday, August 27, 2010 8:43 AM > *To:* NT System Admin Issues > *Subject:* OT: Password sharing policy > > > > Good morning list…. > > > > I am interested in seeing any written “password sharing” policies you have > in place. It seems ours is written in Latin, since no one seems to > understand it. > > > > I am going to draft a new policy, but would like to see how others handle > this and get opinions from the list on how “big of a deal” sharing passwords > is in other businesses. (Personally, I think it is a BIG deal) > > > > Thanks, > > > > BF > > > > > > > > > > > > > > > ************************************************************************************ > > WARNING: > > The information in this email and any attachments is confidential and may > be legally privileged. > > > > If you are not the named addressee, you must not use, copy or disclose this > email (including any attachments) or the information in it save to the named > addressee nor take any action in reliance on it. If you receive this email > or any attachments in error, please notify the sender immediately and then > delete the same and any copies. > > > > "CLS Services Ltd × Registered in England No 4132704 × Registered Office: > Exchange Tower × One Harbour Exchange Square × London E14 9GE" > > > > > > > > > > > > > ************************************************************************************ > > WARNING: > > The information in this email and any attachments is confidential and may > be legally privileged. > > > > If you are not the named addressee, you must not use, copy or disclose this > email (including any attachments) or the information in it save to the named > addressee nor take any action in reliance on it. If you receive this email > or any attachments in error, please notify the sender immediately and then > delete the same and any copies. > > > > "CLS Services Ltd × Registered in England No 4132704 × Registered Office: > Exchange Tower × One Harbour Exchange Square × London E14 9GE" > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > --- > You are currently subscribed to ntsysadmin as: [email protected]. > To unsubscribe click here: > http://lyris.sunbelt-software.com/u?id=8250068.606d17937843617f86ab4441e27acc58&n=T&l=ntsysadmin&o=9076906 > > (It may be necessary to cut and paste the above URL if the line is broken) > or send a blank email to > leave-9076906-8250068.606d17937843617f86ab4441e27ac...@lyris.sunbelt-software.com > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- You are currently subscribed to ntsysadmin as: [email protected]. To unsubscribe click here: http://lyris.sunbelt-software.com/u?id=8142875.a9cf90b99baa17cb4fcf8293a59eb3b1&n=T&l=ntsysadmin&o=9077040 or send a blank email to leave-9077040-8142875.a9cf90b99baa17cb4fcf8293a59eb...@lyris.sunbelt-software.com
<<image002.jpg>>
<<image001.jpg>>
