Okay, so you’re not up to a wastebasket audit? Too demeaning, too sneaky, too many sticky candy wrappers? How about a simple server share audit?
Many companies have shared drives, and then they have “over-shared” drives, those locations where anyone who needs a space to store files that they share with a couple departments. Or perhaps your company just doesn’t lock their shares according to the least privilege principle.
Continue reading →
Like this:
Like Loading...
Filed under Audit, How to...
Tagged as appraisal, Audit, confidential, demotion, easy, encryption, intellectual property, lawsuit, least privilege, medical history, naked, nude, password, PII, porn, salary, search, server, sex, share, social security, SSN, theft, trade secret, wastebasket audit, xxx
Auditors identify weaknesses in company policies and practices, but they often act like the same users they laugh about behind closed doors. And they often don’t protect their own data, or the sensitive data they access in the course of doing their jobs.
How many times have you observed auditors do the following (I’d love to hear YOUR stories):
Continue reading →
Like this:
Like Loading...
ITauditSecurity 