LINUX SECURITY --- April 10, 2001
Published by ITworld.com -- changing the way you view IT
http://www.itworld.com/newsletters
________________________________________________________________________________
HIGHLIGHTS
* When the ax starts to fall, take measures to defend against former
employees seeking revenge.
________________________________________________________________________________
Dealing with Layoffs
By Rick Johnson
These days, layoffs have become an unfortunate reality; even
brick-and-mortar companies founded generations ago are not immune. If the
current market fallout hasn't hit your company, then it's only a matter
of time. This trend of swift and disturbing layoffs leaves shafted
employees understandably upset and potentially disgruntled enough to
vent their frustrations on the various servers.
The chosen few dealing with the aftermath of vacant positions have the
added headache of increasing security. If you are lucky, then
management will give you plenty of warning to disable user accounts and
change root passwords. However, upper management rarely does this,
fearing you will leak the information before it is made public, leaving
you no option but an intense lockdown. That method presents a big
problem, as critical areas are often overlooked. If you do find yourself
facing this endeavor, then follow these few steps to make life a little
easier:
1. Compile a complete list of all employees who were laid off.
This may mean multiple calls to department heads, unless the
Human Resources department has the information.
2. Make a thorough list of ALL CRITICAL SYSTEMS and verify each
account that has access. Even if that particular department was
immune to the consolidation, those systems are still at risk.
3. Organize the list by order of risk. Ordering ensures that the
most sensitive systems are locked down first.
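
The three lists above can be cross-referenced mechanically. The following is an added example, not part of the original column: it assumes you have usernames for the laid-off staff and a copy of each critical system's /etc/passwd, and every host, username and risk rank in it is constructed.

```python
# Added example: all hosts, usernames and passwd lines below are constructed.
LAID_OFF = {"jdoe", "asmith", "bwong"}          # step 1: usernames from HR

# Steps 2 and 3: critical systems, each with a risk rank (1 = most sensitive)
# and a copy of that system's /etc/passwd.
SYSTEMS = {
    "web01": (2, "root:x:0:0::/root:/bin/bash\n"
                 "asmith:x:1002:1002::/home/asmith:/sbin/nologin\n"
                 "kpatel:x:1003:1003::/home/kpatel:/bin/bash\n"),
    "db01": (1, "root:x:0:0::/root:/bin/bash\n"
                "jdoe:x:1001:1001::/home/jdoe:/bin/bash\n"
                "asmith:x:0:0::/home/asmith:/bin/bash\n"),
}

NO_LOGIN = ("/sbin/nologin", "/usr/sbin/nologin", "/bin/false")


def parse_passwd(text):
    """Yield (user, uid, shell) from passwd-format text, skipping bad lines."""
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) == 7 and fields[2].isdigit():
            yield fields[0], int(fields[2]), fields[6]


def lockdown_plan(laid_off, systems):
    """Return (work list in risk order, laid-off names found on no system)."""
    plan, seen = [], set()
    for host, (rank, passwd_text) in systems.items():
        for user, uid, shell in parse_passwd(passwd_text):
            if user not in laid_off:
                continue
            seen.add(user)
            # Accounts without a login shell are still listed for review.
            note = "UID 0" if uid == 0 else (
                "no login shell" if shell in NO_LOGIN else "login shell")
            plan.append((rank, host, user, note))
    # Most sensitive system first; within a system, UID 0 accounts first.
    plan.sort(key=lambda r: (r[0], r[3] != "UID 0", r[1], r[2]))
    return plan, sorted(laid_off - seen)


if __name__ == "__main__":
    plan, unmatched = lockdown_plan(LAID_OFF, SYSTEMS)
    for rank, host, user, note in plan:
        # usermod -L locks the password; -e 1 also expires the account.
        print(f"[risk {rank}] {host}: usermod -L -e 1 {user}   # {note}")
    print("On no system (recheck the name with HR):", unmatched)
```

A name that matches no account on any system is reported separately, since it usually means the username differs from what HR supplied and the list needs another pass.
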
I know what you are thinking, "If I spend all my time making these
lists, I am leaving the network wide open." While this may seem
plausible, it is worth the effort. If you forgo these steps, then you
will never know if every key area was covered. All it takes is one open
door and the game is over.
Realistically, such retribution is quite rare. Laid-off employees are
just average workers caught up in the evils of business. After the way
most were treated, you may be tempted to look the other way -- don't
let it happen. Remember that by attacking your network, they are making
your life more difficult. For some unknown reason, the last round of
economic downsizing has seen this happening more often. Maybe it's due
to the distinct lack of severance packages; I honestly do not know.
Regardless of the reason, our jobs stay the same: Keep things safe, no
matter what our personal feelings may be.
About the author(s)
-------------------
Rick Johnson is currently the Manager of Security Services for
FusionStorm, a remote managed services company. When not writing, he
heads the development team for PMFirewall, an Ipchains Firewall and
Masquerading Configuration Utility for Linux. Rick can be contacted via
email at rick@pointman.org or on the web at http://www.pointman.org.
________________________________________________________________________________
ADDITIONAL RESOURCES
Saying goodbye the right way
http://www.itworld.com/jump/linsec_nl/www.itworld.com/Career/2044/IW001023calist/
On the firing line
http://www.itworld.com/jump/linsec_nl/www.itworld.com/Career/2044/NWW1106man/
Padlocking the balsa wood door
http://www.itworld.com/jump/linsec_nl/www.itworld.com/Sec/2202/CWSTO58140/
Spy case demos insider threat
http://www.itworld.com/jump/linsec_nl/www.itworld.com/Man/3875/CWSTO58062/
Security lies in employees' heads
Good habits are more valuable than expensive firewalls
http://www.itworld.com/jump/linsec_nl/www.itworld.com/Man/3875/UIR010330unixsecurity/
________________________________________________________________________________