If you are in IT, audit, or security (or any other job requiring data analysis), you should NOT be cleaning data manually.
Let me share a recent experience with you….
A young IT auditor texted me at work and asked for some Active Directory user account data that I capture automatically every week, using some scheduled ACL scripts.
If you’re not familiar with my ‘Quote of the Weak’ series, I described it briefly in About. For a list of posts in this series, see here.
Filed under Audit, Case Files, Data Analytics, Excel, How to..., Quote of the Weak, Security, Technology
It’s 10 o’clock in the cloud. Do you know where all your user IDs are? Are some hidden in the cloud?
Cloud security if often cloudy because it’s not on premise where you can control it easier.
That means you may have powerful user IDs in the cloud that your security team knows nothing about, which means….
Filed under Audit, Case Files, Technology
About a decade ago, I personally witnessed the handover of the simplest, cheapest, and most effective disaster recover plan ever.
Let me first give you a little background….
I worked for a great IT director, who moved to another company, much bigger, and brought me with him.
In the new company, he again was responsible for all IT, and he brought me along to manage security and disaster recovery.
If I named this company, at least 25% of you would recognize it, even those of you around the world–true story, too.
Filed under Case Files, Humor/Irony, Security, Security Scout, Technology
Most of the team deployed to the 2 departments and started emptying wastebaskets in the ‘wastebasket audit‘ exercise, collecting all the trash in large carts on wheels.
Two others were posted as look-outs in the main hallways outside the target department.
I carried my black bag of tools and approached THE door.
I pulled out my favorite flat-head screwdriver. Originally, I was going to remove the closing arm at the top of the door and then pry the hinge pins out of the hinges.
This is the fifth and final post in a series. See the previous post, Behind Locked Doors: Part 4. Start with Behind Locked Doors: Part 1.
Filed under Audit, Case Files, fraud, Security, Technology
I had to get that database fast.
After a long security team meeting, garnished with lots of pepperoni and green olive pizza, we divided the staff into 2 teams. Team A started scanning and probing the target department’s servers in search of vulnerabilities that would provide us with admin access over the network.
Team B started planning a physical intrusion in case Team A failed.
After a couple hours, I was notified that the vulnerability team came up short. None of the identified vulnerabilities could be used to escalate our permissions.
A member of the physical intrusion team called maintenance and requested help from a specific maintenance guy: Zeke. The security team member said that we “needed Zeke’s help locating an electrical breaker panel” in a certain department.
This is the fourth post in a series. See Behind Locked Doors: Part 3. The next post will be the conclusion.
Filed under Audit, Case Files, fraud, Security, Technology
A couple days after I provided Leeda with access to the suspect’s email, her number flashed on my phone again.
I picked up the phone and said, “Hi, Leeda. Find anything interesting in that guy’s email?” I knew she wouldn’t tell me much, but I pried anyway. It was second nature.
I could hear the Internal Audit manager’s smile when she said,”Nice try, Mack. You know that street only goes one way, and you’re headed in the wrong direction.”
This is the third post in a series. See Behind Locked Doors: Part 2.
Filed under Audit, Case Files, fraud, Security, Technology
This time, it was my turn to call someone for help.
The phone rang half a ring before I heard a familiar “Hello?” on the other end.
“Hi, James, it’s Mack. I need a favor from you, and I need today, before 5 pm.”
“Not urgent, huh?”, James teased.
“Not really, I just need it today. And I need you to keep it quiet,” I warned.
This is the second post in a series. See Behind Locked Doors: Part 1.
Filed under Audit, Case Files, fraud, Security, Technology
